Handles the HttpApplication.AuthenticateRequest event from the ASP.NET pipeline.
Assembly: System.IdentityModel.Services (in System.IdentityModel.Services.dll)
This method does the following:
If a session security token cannot be read (most likely because a session has not been established), return.
Invokes the OnSessionSecurityTokenReceived method to raise the SessionSecurityTokenReceived event. This provides an opportunity for the token read from the cookie to be modified or for the request to be canceled. The handler can also specify that the token should be reissued, by setting the SessionSecurityTokenReceivedEventArgs.ReissueCookie property.
If the token is to be reissued, removes it from the cache and invokes the OnSessionSecurityTokenCreated method to raise the SessionSecurityTokenCreated event. This provides opportunity for the token to again be modified. The reissue behavior can also be modified by setting the SessionSecurityTokenCreatedEventArgs.WriteSessionCookie property in the event handler.
Invokes the AuthenticateSessionSecurityToken method to authenticate the user. If successful, this has the effect of setting the Thread.CurrentPrincipal property to the principal that is contained in the SessionSecurityToken.ClaimsPrincipal property of the incoming token.
If the session has expired, invokes the SignOut method.
- Full trust for the immediate caller. This member cannot be used by partially trusted code. For more information, see Using Libraries from Partially Trusted Code.
Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.