Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
According to documentation, both module will used to create instance of IClaimsPrincipal. I am not understanding why WIF bother to use 2 HttpModules instead of one? Sorry, I am new in WIF
You don’t need both to have the
IClaimsPrincipalin the pipeline. You need the latter, theSessionAuthenticationModule. It is responsible for converting the WIF cookie into the principal object (similar what FormsAuthenticationModule does with a form cookie).The former,
WSFederationAuthenticationModuleis responsible only for the initial SAML post from the indentity provider to your application – the module consumes the post and issues the WIF cookie. Alternatively you can do it with awif:FederatedPassiveSignIncontrol placed on your login form.When I code WIF-enabled applications, I usually have only the SAM module and I use the login control for issuing cookies.