SessionAuthenticationModule.AuthenticateSessionSecurityToken Method (SessionSecurityToken, Boolean)

.NET Framework (current version)

The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Authenticates the incoming request by validating the incoming session token. Upon successful validation, it updates the current HTTP context and thread principal with the specified SessionSecurityToken.

Namespace:   System.IdentityModel.Services
Assembly:  System.IdentityModel.Services (in System.IdentityModel.Services.dll)

public virtual void AuthenticateSessionSecurityToken(
	SessionSecurityToken sessionToken,
	bool writeCookie


Type: System.IdentityModel.Tokens.SessionSecurityToken

The session security token to use to authenticate the incoming HTTP request.

Type: System.Boolean

true to write the session cookie; otherwise false.

The AuthenticateSessionSecurityToken method is called from the OnAuthenticateRequest method. It calls the SetPrincipalFromSessionToken method to validate the incoming token and update the Thread.CurrentPrincipal and the HttpContext.User properties. If the writeCookie parameter is true, the WriteSessionTokenToCookie method is invoked to write the session token to a cookie.

.NET Framework
Available since 4.5
Return to top