Forms authentication was great. For like 10 years it was great. But it’s time for us to move on… The main issue with Forms authentication is that the forms auth cookie was primarily only designed to keep the user’s username and no additional data (despite the UserData property and the unfortunate lack of APIs to … Continue reading Replacing forms authentication with WIF’s session authentication module (SAM) to enable claims aware identity