Skip to content

Configuration for WIF session helper APIs in Thinktecture IdentityModel

May 28, 2013

I just added a custom configuration section in Thinktecture IdentityModel that will automatically drive the various SAM and FAM helper functions I added a while ago. The configuration looks something like this:

<configuration>
  <configSections>
    <section name="securitySessionConfiguration" 
             type="Thinktecture.IdentityModel.Web.Configuration.SecuritySessionSection, Thinktecture.IdentityModel"/>
  </configSections>

  <securitySessionConfiguration
    sessionTokenCacheType="WebRP.EF.EFTokenCacheRepository, WebRP"
    useMackineKeyProtectionForSessionTokens="true"
    defaultSessionDuration="01:00:00"
    persistentSessionDuration="01:00:00:00"
    cacheSessionsOnServer="true"
    enableSlidingSessionExpirations="true"
    overrideWSFedTokenLifetime="true"
    suppressLoginRedirectsForApiCalls="true"
    suppressSecurityTokenExceptions="true"
  />
</configuration>

With this in place you no longer need to explicitly invoke the various PassiveSessionConfiguration or PassiveModuleConfiguration APIs from global.asax. Also, each of these attributes is optional so you only need to specify the ones you care about.

HTH

6 Comments leave one →
  1. May 28, 2013 1:56 pm

    Reblogged this on http://www.leastprivilege.com.

  2. Michael P. permalink
    May 29, 2013 7:01 am

    I’ve just tried to download the Thinktecture.IdentityModel.45-master in order to run the Web API Security WebHost. Unfortunately it’s broken as there is no securitySessionConfiguration in the config file and adding the configuration above doesn’t work either as the referencedTokenCacheType is not part of the project. I’ve had to disable the PreApplicationStartMethod to get the sample running.

  3. RonyK permalink
    June 10, 2013 7:39 am

    Is the persistentSessionDuration configuration has to come along with persistentCookiesOnPassiveRedirects=”true”, or does it replace it?

    • June 10, 2013 10:23 am

      ConfigurePersistentSessions sets the persistentCookiesOnPassiveRedirects flag.

Trackbacks

  1. Project does not compile after update of thinktecture.identitymodel 2.6 | Technology & Programming

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: