5

我正在尝试在 WIF 中设置滑动会话并且需要处理SessionSecurityTokenReceived

我确定我在这里做了一些愚蠢的事情......但是VS2010There is no applicable variable or member在下图所示的地方不断告诉我。谁能指出我正确的方向?我已经在高处和低处搜索了如何定义此事件处理的实际示例,但我找不到一个。

全球.asax

protected void Application_Start()
{

    FederatedAuthentication.WSFederationAuthenticationModule.SecurityTokenReceived 
           += SessionAuthenticationModule_SessionSecurityTokenReceived;
     //         ^^^ There is no applicable variable or member
}



void SessionAuthenticationModule_SessionSecurityTokenReceived(object sender, SessionSecurityTokenReceivedEventArgs e)
{
            DateTime now = DateTime.UtcNow;
            DateTime validFrom = e.SessionToken.ValidFrom;
            DateTime validTo = e.SessionToken.ValidTo;
            if ((now < validTo) &&
            (now > validFrom.AddMinutes((validTo.Minute - validFrom.Minute) / 2))
            )
            {
                SessionAuthenticationModule sam = sender as SessionAuthenticationModule;
                e.SessionToken =  sam.CreateSessionSecurityToken(
                    e.SessionToken.ClaimsPrincipal, 
                    e.SessionToken.Context,
                    now,
                    now.AddMinutes(2), 
                    e.SessionToken.IsPersistent);
                e.ReissueCookie = true;
            }
            else
            {
                //todo: WSFederationHelper.Instance.PassiveSignOutWhenExpired(e.SessionToken, this.Request.Url);

                // this code from: http://stackoverflow.com/questions/5821351/how-to-set-sliding-expiration-in-my-mvc-app-that-uses-sts-wif-for-authenticati

                var sessionAuthenticationModule = (SessionAuthenticationModule)sender;

                sessionAuthenticationModule.DeleteSessionTokenCookie();

                e.Cancel = true;
            }
  } 
4

2 回答 2

9

我认为您不需要事件订阅。在开始时删除订阅并使用

SessionAuthenticationModule_SessionSecurityTokenReceived

ASP.Net 将为您连接。(模块必须命名为“SessionAuthenticationModule”,默认情况下)。

如果您正在研究滑动会话,Vittorio 的这篇博客文章非常好:http: //blogs.msdn.com/b/vbertocci/archive/2010/06/16/warning-sliding-sessions-are-closer-than -他们出现.aspx

于 2011-11-14T20:04:50.527 回答
0

不要在 Global.asax 中定义它,而是创建一个继承 SessionAuthenticationModule 的新类:

public class CustomAuthenticationModule : SessionAuthenticationModule
{
   public CustomAuthenticationModule()
   {
      this.SessionSecurityTokenReceived += new EventHandler<SessionSecurityTokenReceivedEventArgs>(CustomAuthenticationModule_SessionSecurityTokenReceived); 
   }

   void CustomAuthenticationModule_SessionSecurityTokenReceived(object sender, SessionSecurityTokenReceivedEventArgs e)
   {
      // Your code
   }
}

然后在你的 web.config 中,用你的新模块替换默认的 SessionAuthentication 模块:

<modules>
   <add name="SessionAuthenticationModule" type="CustomAuthenticationModule" preCondition="managedHandler"/>
</modules>
于 2011-11-14T20:07:00.667 回答