W.I.F.: Setting IsSessionMode to true, can't seem to make it happen

后端未结

关注

 4  2647

野的像风 2021-02-20 13:55

We are having problems with Safari(and Opera) and from what I have read the FedAuth cookies are just too big.

There is an \"neat trick\" to fix this: \"WIF RTM added a p

4条回答

深忆病人 (楼主)

2021-02-20 14:28

One important thing to note is how to handle SecurityTokenValidated and SessionSecurityTokenCreated events of WSFederationAuthenticationModule class.

Alternative 1 — auto event wire up in global.asax (explicit method names without manual wiring to events):

void WSFederationAuthenticationModule_SecurityTokenValidated(object sender, SecurityTokenValidatedEventArgs e)
{
    FederatedAuthentication.SessionAuthenticationModule.IsReferenceMode = true;
}

// or

void WSFederationAuthenticationModule_SessionSecurityTokenCreated(object sender, SessionSecurityTokenCreatedEventArgs e)
{
    e.SessionToken.IsReferenceMode = true;
}

Alternative 2 — manual method wiring to events in global.asax. The point is that it must not be in Application_Start but in overriden Init:

void Application_Start(object sender, EventArgs e)
{
    // Called only once on application start
    // This is not the right place to wire events for all HttpApplication instances
}

public override void Init()
{
    // Called for each HttpApplication instance
    FederatedAuthentication.WSFederationAuthenticationModule.SecurityTokenValidated += STV;
    FederatedAuthentication.WSFederationAuthenticationModule.SessionSecurityTokenCreated += SSTC;
}

void STV(object sender, SecurityTokenValidatedEventArgs e)
{
    FederatedAuthentication.SessionAuthenticationModule.IsReferenceMode = true;
}

// or

void SSTC(object sender, SessionSecurityTokenCreatedEventArgs e)
{
    e.SessionToken.IsReferenceMode = true;
}

0 讨论(0)

查看其它4个回答