WSFederationAuthenticationModule.SessionSecurityTokenCreated Event

.NET Framework (current version)
 
System_CAPS_noteNote

The .NET API Reference documentation has a new home. Visit the .NET API Browser on docs.microsoft.com to see the new experience.

Occurs when a session security token has been created from the security token received from a security token service (STS).

Namespace:   System.IdentityModel.Services
Assembly:  System.IdentityModel.Services (in System.IdentityModel.Services.dll)

public event EventHandler<SessionSecurityTokenCreatedEventArgs> SessionSecurityTokenCreated

You can add an event handler to modify the session token before it is used to set the thread principal and is written to the session cookie. In the event handler, you can access the session token through the SessionSecurityTokenCreatedEventArgs.SessionToken property. You can specify whether a session cookie should be written by setting the SessionSecurityTokenCreatedEventArgs.WriteSessionCookie property.

This event is raised from inside the OnAuthenticateRequest event-handler delegate when processing a WS-Federation sign-in response message (“wsignin1.0”) received from the security token service (STS). It is raised just after the security token that was deserialized from the wresult or the wresultptr parameter in the sign-in response message has been validated, and before the claims principal is set on the Thread.CurrentPrincipal (and on the User property of HttpContext.Current).

System_CAPS_importantImportant

To operate sessions in reference mode, Microsoft recommends providing a handler for the WSFederationAuthenticationModule.SessionSecurityTokenCreated event in the global.asax.cs file and setting the SessionSecurityToken.IsReferenceMode property on the token passed in the SessionSecurityTokenCreatedEventArgs.SessionToken property. This will ensure that the session token operates in reference mode for every request and is favored over merely setting the SessionAuthenticationModule.IsReferenceMode property on the Session Authentication Module.

void WSFederationAuthenticationModule_SessionSecurityTokenCreated(object sender, SessionSecurityTokenCreatedEventArgs e)
{
    //Manipulate session token here, for example, changing its expiration value
    System.Diagnostics.Trace.WriteLine("Handling SessionSecurityTokenCreated event");
    System.Diagnostics.Trace.WriteLine("Key valid from: " + e.SessionToken.KeyEffectiveTime);
    System.Diagnostics.Trace.WriteLine("Key expires on: " + e.SessionToken.KeyExpirationTime);
}

.NET Framework
Available since 4.5
Return to top
Show: