SessionAuthenticationModule.AuthenticateSessionSecurityToken Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Authenticates the incoming request by validating the incoming session token. Upon successful validation, it updates the current HTTP context and thread principal with the specified SessionSecurityToken.
public:
virtual void AuthenticateSessionSecurityToken(System::IdentityModel::Tokens::SessionSecurityToken ^ sessionToken, bool writeCookie);public virtual void AuthenticateSessionSecurityToken (System.IdentityModel.Tokens.SessionSecurityToken sessionToken, bool writeCookie);abstract member AuthenticateSessionSecurityToken : System.IdentityModel.Tokens.SessionSecurityToken * bool -> unit
override this.AuthenticateSessionSecurityToken : System.IdentityModel.Tokens.SessionSecurityToken * bool -> unitPublic Overridable Sub AuthenticateSessionSecurityToken (sessionToken As SessionSecurityToken, writeCookie As Boolean)Parameters
- sessionToken
- SessionSecurityToken
The session security token to use to authenticate the incoming HTTP request.
- writeCookie
- Boolean
true to write the session cookie; otherwise, false.
Remarks
The AuthenticateSessionSecurityToken method is called from the OnAuthenticateRequest method. It calls the SetPrincipalFromSessionToken method to validate the incoming token and update the Thread.CurrentPrincipal and the HttpContext.User properties. If the writeCookie parameter is true, the WriteSessionTokenToCookie method is invoked to write the session token to a cookie.
