WIF session helper APIs for browser-based (passive) applications in Thinktecture IdentityModel
Recently I added several convenience APIs to Thinktecture.IdentityModel. The goal of the helper methods is to provide simple and standard implementations for behaviors that you might want in your WIF-enabled ASP.NET application. Some of these behaviors could be configured in web.config, but some others cannot and require code. In both cases, the APIs provide a simple mechanism to enable the various behaviors.
This post will serve as the starting documentation for these APIs and I will provide a post per behavior. I will update the links here as the posts become available. Here is the list of behaviors the APIs enable:
- Sliding sessions
- Configuring session token lifetime
- Overriding WS-Federation token lifetime
- Configuring persistent session token cookies
- Server-side session token caching
- Configuring machine key protection of session tokens
- Suppressing session token validation exceptions
- Suppress login redirects for API clients (e.g., WebAPI and Ajax)
- Dynamic issuer name registry direct from STS federation metadata
The APIs are broken down into two classes based upon when the configuration needs to be set to enable the behavior:
- PassiveSessionConfiguration is for one-time configuration that can be set in Application_Start in global.asax, and
- PassiveModuleConfiguration is per-module configuration that needs to be set in Init in global.asax (which I discussed here).
I plan to update the 4.0 version of IdentityModel with the same APIs in the coming weeks.