This documentation is archived and is not being maintained.

SessionAuthenticationModule Members

Windows Identity Foundation
[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]

When the STS issues a security token for the user, SessionAuthenticationModule also creates a session security token for the user and places it in a cookie. On subsequent requests, the SessionAuthenticationModule intercepts this cookie and uses it to reconstruct the user’s IClaimsPrincipal.

The following tables list the members exposed by the SessionAuthenticationModule type.

public propertyContextSessionSecurityTokenReturns the active SessionSecurityToken for the current HttpContext.
public propertyCookieHandlerThe CookieHandler used to read, write, and delete session cookies.
public propertyIsSessionModeGet or sets if mode is session.
public propertyServiceConfiguration  Gets or sets the ServiceConfiguration in effect for this module. (Inherited from HttpModuleBase)

(see also Protected Methods)
public methodAuthenticateSessionSecurityTokenAuthenticates the incoming request by updating the current HTTP context and thread principal with the provided SessionSecurityToken.
public methodContainsSessionTokenCookieDetermines if a session cookie is in the provided cookie collection.
public methodCreateSessionSecurityTokenCreates a SessionSecurityToken using the configured handler.
public methodDeleteSessionTokenCookieDeletes any session cookies.
public methodDispose  Disposes of the resources used by the module. (Inherited from HttpModuleBase)
public methodEquals  (Inherited from Object)
public methodGetHashCode  (Inherited from Object)
public methodGetType  (Inherited from Object)
public methodInit  Initializes the module. (Inherited from HttpModuleBase)
public methodReadSessionTokenFromCookieReads a SessionSecurityToken from a session cookie.
public methodSignOutSign out the current user and fire the associated events.
public methodToString  (Inherited from Object)
public methodTryReadSessionTokenFromCookieReads a SessionSecurityToken from a session cookie and returns a value that indicates whether the session cookie was read.
public methodWriteSessionTokenToCookieWrites a SessionSecurityToken to a session cookie.

protected methodFinalize  (Inherited from Object)
protected methodInitializeModuleOverridden. Initializes the module and prepares it to handle events from the module's ASP.NET application object.
protected methodInitializePropertiesFromConfigurationInitialize module properties based on definitions in the configuration file.
protected methodMemberwiseClone  (Inherited from Object)
protected methodOnAuthenticateRequestHandles AuthenticateRequest event from the ASP.NET pipeline. Checks if a cookie is present and reads the cookie as a SessionSecurityToken. Raises the OnSessionSecurityTokenReceived event. Sets the Thread.CurrentPrincipal to ClaimsPrincipal. Raises the OnSignInError event when the SessionSecurityToken fails validation.
protected methodOnPostAuthenticateRequestEvent handler for Application.PostAuthenticateRequest
protected methodOnSessionSecurityTokenCreatedRaise the SessionSecurityTokenCreated event.
protected methodOnSessionSecurityTokenReceivedRaise the SessionSecurityTokenReceived event.
protected methodOnSignedOutRaise the SignedOut event.
protected methodOnSigningOutRaise the SigningOut event.
protected methodOnSignOutErrorRaise the SignOutError event.
protected methodSetPrincipalFromSessionTokenSets the principals on the HttpContext and Thread to that of the provided session token.
protected methodValidateSessionTokenEnsures that the SessionSecurityToken is valid.

public eventSessionSecurityTokenCreatedOccurs when a session security token has been created.
public eventSessionSecurityTokenReceivedOccurs when a session security token has been read from a cookie.
public eventSignedOutEvent raised after the user is signed out.
public eventSigningOutOccurs before deleting the sign-in session.
public eventSignOutErrorEvent raised when signout error occurs.

Copyright © 2008 by Microsoft Corporation. All rights reserved.