zef
zef

Reputation: 1

SessionSecurityTokenReceived called too many times

I have a Web Forms application which makes use of WIF and Claims based authorization. Im using Thinktecture IdentityServer v2.5 for my STS with my custom login page and custom authentication against database and then issuing the token.

Its all working fine at the moment and no issues, the only problem came when I was configuring Sliding Sessions as shown by Brock Allen in this post http://brockallen.com/2013/02/17/sliding-sessions-in-wif-with-the-session-authentication-module-sam-and-thinktecture-identitymodel/

My problem is that the event mentioned in the post SessionSecurityTokenReceived is getting called too many times per page load. I just wanted to know what is the reason behind that and could this be a performance hit ?

Upvotes: 0

Views: 110

Answers (1)

Jon
Jon

Reputation: 11

I'm doing something similar and have come across the same issue. It is because the event is called for every single resource the page consumes (css, js, etc) that is also secured by the web application. In global.asax.cs, in the event, if you insert the line...

var requestContext = HttpContext.Current.Request.RequestContext.HttpContext.Request;

...and put a breakpoint on this line, you can observe this behavior by inspecting the value.

Upvotes: 1

Related Questions