SessionAuthenticationModule.AuthenticateSessionSecurityToken Method (SessionSecurityToken, Boolean)

.NET Framework (current version)
 
System_CAPS_noteNote

The .NET API Reference documentation has a new home. Visit the .NET API Browser on docs.microsoft.com to see the new experience.

Authenticates the incoming request by validating the incoming session token. Upon successful validation, it updates the current HTTP context and thread principal with the specified SessionSecurityToken.

Namespace:   System.IdentityModel.Services
Assembly:  System.IdentityModel.Services (in System.IdentityModel.Services.dll)

public virtual void AuthenticateSessionSecurityToken(
	SessionSecurityToken sessionToken,
	bool writeCookie
)

Parameters

sessionToken
Type: System.IdentityModel.Tokens.SessionSecurityToken

The session security token to use to authenticate the incoming HTTP request.

writeCookie
Type: System.Boolean

true to write the session cookie; otherwise false.

The AuthenticateSessionSecurityToken method is called from the OnAuthenticateRequest method. It calls the SetPrincipalFromSessionToken method to validate the incoming token and update the Thread.CurrentPrincipal and the HttpContext.User properties. If the writeCookie parameter is true, the WriteSessionTokenToCookie method is invoked to write the session token to a cookie.

.NET Framework
Available since 4.5
Return to top
Show: