如何处理 Global.asax 中的 SessionSecurityTokenReceived 事件?

发布于 2024-12-15 14:14:55 字数 2044 浏览 1 评论 0 原文

我正在尝试在 WIF 中设置滑动会话,并且需要处理 SessionSecurityTokenReceived

我确信我在这里做了一些愚蠢的事情...但是 VS2010 不断告诉我在下面所示的位置没有适用的变量或成员。有人能指出我正确的方向吗?我已经到处搜索了如何定义此事件的处理的实际示例,但我找不到一个。

Global.asax

protected void Application_Start()
{

    FederatedAuthentication.WSFederationAuthenticationModule.SecurityTokenReceived 
           += SessionAuthenticationModule_SessionSecurityTokenReceived;
     //         ^^^ There is no applicable variable or member
}



void SessionAuthenticationModule_SessionSecurityTokenReceived(object sender, SessionSecurityTokenReceivedEventArgs e)
{
            DateTime now = DateTime.UtcNow;
            DateTime validFrom = e.SessionToken.ValidFrom;
            DateTime validTo = e.SessionToken.ValidTo;
            if ((now < validTo) &&
            (now > validFrom.AddMinutes((validTo.Minute - validFrom.Minute) / 2))
            )
            {
                SessionAuthenticationModule sam = sender as SessionAuthenticationModule;
                e.SessionToken =  sam.CreateSessionSecurityToken(
                    e.SessionToken.ClaimsPrincipal, 
                    e.SessionToken.Context,
                    now,
                    now.AddMinutes(2), 
                    e.SessionToken.IsPersistent);
                e.ReissueCookie = true;
            }
            else
            {
                //todo: WSFederationHelper.Instance.PassiveSignOutWhenExpired(e.SessionToken, this.Request.Url);

                // this code from: http://stackoverflow.com/questions/5821351/how-to-set-sliding-expiration-in-my-mvc-app-that-uses-sts-wif-for-authenticati

                var sessionAuthenticationModule = (SessionAuthenticationModule)sender;

                sessionAuthenticationModule.DeleteSessionTokenCookie();

                e.Cancel = true;
            }
  } 

I'm trying to set up sliding sessions in WIF and need to handle SessionSecurityTokenReceived.

I'm sure I'm doing something dumb here... but VS2010 keeps on telling me that There is no applicable variable or member in the spot illustrated below. Can anyone point me in the right direction? I've searched high and low for actual samples of how to define the handling of this event, but I can't find a single one.

Global.asax

protected void Application_Start()
{

    FederatedAuthentication.WSFederationAuthenticationModule.SecurityTokenReceived 
           += SessionAuthenticationModule_SessionSecurityTokenReceived;
     //         ^^^ There is no applicable variable or member
}



void SessionAuthenticationModule_SessionSecurityTokenReceived(object sender, SessionSecurityTokenReceivedEventArgs e)
{
            DateTime now = DateTime.UtcNow;
            DateTime validFrom = e.SessionToken.ValidFrom;
            DateTime validTo = e.SessionToken.ValidTo;
            if ((now < validTo) &&
            (now > validFrom.AddMinutes((validTo.Minute - validFrom.Minute) / 2))
            )
            {
                SessionAuthenticationModule sam = sender as SessionAuthenticationModule;
                e.SessionToken =  sam.CreateSessionSecurityToken(
                    e.SessionToken.ClaimsPrincipal, 
                    e.SessionToken.Context,
                    now,
                    now.AddMinutes(2), 
                    e.SessionToken.IsPersistent);
                e.ReissueCookie = true;
            }
            else
            {
                //todo: WSFederationHelper.Instance.PassiveSignOutWhenExpired(e.SessionToken, this.Request.Url);

                // this code from: http://stackoverflow.com/questions/5821351/how-to-set-sliding-expiration-in-my-mvc-app-that-uses-sts-wif-for-authenticati

                var sessionAuthenticationModule = (SessionAuthenticationModule)sender;

                sessionAuthenticationModule.DeleteSessionTokenCookie();

                e.Cancel = true;
            }
  } 

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

清风挽心 2024-12-22 14:14:55

我认为您不需要订阅活动。删除启动时的订阅,只需使用

SessionAuthenticationModule_SessionSecurityTokenReceived

ASP.Net 就会为您连接。 (该模块必须命名为“SessionAuthenticationModule”,默认情况下)。

如果您正在处理滑动会话,Vittorio 的这篇博客文章非常好:http://blogs.msdn.com/b/vbertocci/archive/2010/06/16/warning-sliding-sessions-are-closer-than-they-appear.aspx

I don't think you need the event subscription. Remove the subcription on start and just use

SessionAuthenticationModule_SessionSecurityTokenReceived

ASP.Net will wire that for you. (The module has to be named "SessionAuthenticationModule" and it is by default).

If you are working on sliding sessions, this blog post by Vittorio is pretty good: http://blogs.msdn.com/b/vbertocci/archive/2010/06/16/warning-sliding-sessions-are-closer-than-they-appear.aspx

娇俏 2024-12-22 14:14:55

不要在 Global.asax 中定义它,而是创建一个继承 SessionAuthenticationModule 的新类:

public class CustomAuthenticationModule : SessionAuthenticationModule
{
   public CustomAuthenticationModule()
   {
      this.SessionSecurityTokenReceived += new EventHandler<SessionSecurityTokenReceivedEventArgs>(CustomAuthenticationModule_SessionSecurityTokenReceived); 
   }

   void CustomAuthenticationModule_SessionSecurityTokenReceived(object sender, SessionSecurityTokenReceivedEventArgs e)
   {
      // Your code
   }
}

然后在 web.config 中,用新模块替换默认的 SessionAuthentication 模块:

<modules>
   <add name="SessionAuthenticationModule" type="CustomAuthenticationModule" preCondition="managedHandler"/>
</modules>

Instead of defining it in Global.asax, create a new class that inherits SessionAuthenticationModule:

public class CustomAuthenticationModule : SessionAuthenticationModule
{
   public CustomAuthenticationModule()
   {
      this.SessionSecurityTokenReceived += new EventHandler<SessionSecurityTokenReceivedEventArgs>(CustomAuthenticationModule_SessionSecurityTokenReceived); 
   }

   void CustomAuthenticationModule_SessionSecurityTokenReceived(object sender, SessionSecurityTokenReceivedEventArgs e)
   {
      // Your code
   }
}

Then in your web.config, substitute the default SessionAuthentication module with your new module:

<modules>
   <add name="SessionAuthenticationModule" type="CustomAuthenticationModule" preCondition="managedHandler"/>
</modules>
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文