发表新帖
发表新帖

W.I.F.: Setting IsSessionMode to true, can't seem to make it happen

后端 未结
关注
4 2648
野的像风
野的像风 2021-02-20 13:55

We are having problems with Safari(and Opera) and from what I have read the FedAuth cookies are just too big.

There is an \"neat trick\" to fix this: \"WIF RTM added a p

相关标签:
4条回答
  • 灰色年华
    2021-02-20 14:22

    Have you registered your event handler for the SessionSecurityTokenCreated event?

    FederatedAuthentication.WSFederationAuthenticationModule.SessionSecurityTokenCreated 
    += this.WSFederationAuthenticationModule_SessionSecurityTokenCreated;

    This line needs to be added to the Application_Start medthod in your Global.asax file.

    The FederatedAuthentication class in in the namespace Microsoft.IdentityModel.Web.

    0 讨论(0)
  • 悲哀的现实
    2021-02-20 14:23

    Hi try this: instead of the SessionSecurityTokenCreated event use the SecurityTokenValidated

    In the global.ascx

    void WSFederationAuthenticationModule_SecurityTokenValidated(object sender, SecurityTokenValidatedEventArgs e) 
{   
    FederatedAuthentication.SessionAuthenticationModule.IsSessionMode = true; 
}

    Check the comment from Dominick Baier blog

    0 讨论(0)
  • 深忆病人
    2021-02-20 14:28

    One important thing to note is how to handle SecurityTokenValidated and SessionSecurityTokenCreated events of WSFederationAuthenticationModule class.

    Alternative 1 — auto event wire up in global.asax (explicit method names without manual wiring to events):

    void WSFederationAuthenticationModule_SecurityTokenValidated(object sender, SecurityTokenValidatedEventArgs e)
{
    FederatedAuthentication.SessionAuthenticationModule.IsReferenceMode = true;
}

// or

void WSFederationAuthenticationModule_SessionSecurityTokenCreated(object sender, SessionSecurityTokenCreatedEventArgs e)
{
    e.SessionToken.IsReferenceMode = true;
}

    Alternative 2 — manual method wiring to events in global.asax. The point is that it must not be in Application_Start but in overriden Init:

    void Application_Start(object sender, EventArgs e)
{
    // Called only once on application start
    // This is not the right place to wire events for all HttpApplication instances
}

public override void Init()
{
    // Called for each HttpApplication instance
    FederatedAuthentication.WSFederationAuthenticationModule.SecurityTokenValidated += STV;
    FederatedAuthentication.WSFederationAuthenticationModule.SessionSecurityTokenCreated += SSTC;
}

void STV(object sender, SecurityTokenValidatedEventArgs e)
{
    FederatedAuthentication.SessionAuthenticationModule.IsReferenceMode = true;
}

// or

void SSTC(object sender, SessionSecurityTokenCreatedEventArgs e)
{
    e.SessionToken.IsReferenceMode = true;
}
    0 讨论(0)
  • 栀梦
    2021-02-20 14:36

    Old thread, but I believe SessionSecurityTokenCreated is the proper event to handle this--tested it and it works under "old WIF" and NET 4.5 with the appropriate namespace variations.

    void WSFederationAuthenticationModule_SessionSecurityTokenCreated(object sender, System.IdentityModel.Services.SessionSecurityTokenCreatedEventArgs e)
{
    e.SessionToken.IsReferenceMode = true;
}
    0 讨论(0)
 看不清?
提交回复
热议问题