SessionAuthenticationModule.IsReferenceMode Property

.NET Framework (current version)

Gets or sets a value that specifies whether the session information (claim values, etc.) should be stored in the session cookie or whether the session content should be stored on the server side, using the cookie to store just a reference.

Namespace:   System.IdentityModel.Services
Assembly:  System.IdentityModel.Services (in System.IdentityModel.Services.dll)

public bool IsReferenceMode { get; set; }

Property Value

Type: System.Boolean

true if issued cookies are in reference mode; otherwise, false. The default is false, which specifies that issued cookies are not in reference mode.

In reference mode, the SessionSecurityToken is stored in a server-side cache (an object that derives from SessionSecurityTokenCache). The issued cookie just contains a context identifier that is used to retrieve the token from the cache.


To operate in reference mode, Microsoft recommends providing a handler for the WSFederationAuthenticationModule.SessionSecurityTokenCreated event in the global.asax.cs file and setting the SessionSecurityToken.IsReferenceMode property on the token passed in the SessionSecurityTokenCreatedEventArgs.SessionToken property. This will ensure that the session token operates in reference mode for every request and is favored over merely setting the SessionAuthenticationModule.IsReferenceMode property on the Session Authentication Module.

.NET Framework
Available since 4.5
Return to top