SessionAuthenticationModule.AuthenticateSessionSecurityToken Method

Definition

Authenticates the incoming request by validating the incoming session token. Upon successful validation, it updates the current HTTP context and thread principal with the specified SessionSecurityToken.

public:
 virtual void AuthenticateSessionSecurityToken(System::IdentityModel::Tokens::SessionSecurityToken ^ sessionToken, bool writeCookie);
public virtual void AuthenticateSessionSecurityToken (System.IdentityModel.Tokens.SessionSecurityToken sessionToken, bool writeCookie);
abstract member AuthenticateSessionSecurityToken : System.IdentityModel.Tokens.SessionSecurityToken * bool -> unit
override this.AuthenticateSessionSecurityToken : System.IdentityModel.Tokens.SessionSecurityToken * bool -> unit
Public Overridable Sub AuthenticateSessionSecurityToken (sessionToken As SessionSecurityToken, writeCookie As Boolean)

Parameters

sessionToken
SessionSecurityToken

The session security token to use to authenticate the incoming HTTP request.

writeCookie
Boolean

true to write the session cookie; otherwise, false.

Remarks

The AuthenticateSessionSecurityToken method is called from the OnAuthenticateRequest method. It calls the SetPrincipalFromSessionToken method to validate the incoming token and update the Thread.CurrentPrincipal and the HttpContext.User properties. If the writeCookie parameter is true, the WriteSessionTokenToCookie method is invoked to write the session token to a cookie.

Applies to