W.I.F.: Setting IsSessionMode to true, can't seem to make it happen

后端 未结 4 2676
野的像风
野的像风 2021-02-20 13:55

We are having problems with Safari(and Opera) and from what I have read the FedAuth cookies are just too big.

There is an \"neat trick\" to fix this: \"WIF RTM added a p

4条回答
  •  深忆病人
    2021-02-20 14:28

    One important thing to note is how to handle SecurityTokenValidated and SessionSecurityTokenCreated events of WSFederationAuthenticationModule class.

    Alternative 1 — auto event wire up in global.asax (explicit method names without manual wiring to events):

    void WSFederationAuthenticationModule_SecurityTokenValidated(object sender, SecurityTokenValidatedEventArgs e)
    {
        FederatedAuthentication.SessionAuthenticationModule.IsReferenceMode = true;
    }
    
    // or
    
    void WSFederationAuthenticationModule_SessionSecurityTokenCreated(object sender, SessionSecurityTokenCreatedEventArgs e)
    {
        e.SessionToken.IsReferenceMode = true;
    }
    

    Alternative 2 — manual method wiring to events in global.asax. The point is that it must not be in Application_Start but in overriden Init:

    void Application_Start(object sender, EventArgs e)
    {
        // Called only once on application start
        // This is not the right place to wire events for all HttpApplication instances
    }
    
    public override void Init()
    {
        // Called for each HttpApplication instance
        FederatedAuthentication.WSFederationAuthenticationModule.SecurityTokenValidated += STV;
        FederatedAuthentication.WSFederationAuthenticationModule.SessionSecurityTokenCreated += SSTC;
    }
    
    void STV(object sender, SecurityTokenValidatedEventArgs e)
    {
        FederatedAuthentication.SessionAuthenticationModule.IsReferenceMode = true;
    }
    
    // or
    
    void SSTC(object sender, SessionSecurityTokenCreatedEventArgs e)
    {
        e.SessionToken.IsReferenceMode = true;
    }
    

提交回复
热议问题