简体繁体 English

.NET 4.5 SessionAuthenticationModule

[英].NET 4.5 SessionAuthenticationModule

原文 2013-03-05 13:23:58 4 1 .net/ .net-4.5/ wif/ claims-based-identity/ asp.net-4.5

I am trying to use a SessionAuthenticationModule to create a token and write it to the cookies instead of using the old FormAuthentication.SetAuthCookie. 我正在尝试使用SessionAuthenticationModule创建令牌并将其写入cookie，而不是使用旧的FormAuthentication.SetAuthCookie。 This is so I can also add claims to my principal and have them available on every request. 这样一来，我也可以向我的委托人添加索偿，并使索偿在每个请求中都可用。

It works fine on my own computer but when I deploy to the server I am getting this error: Specified argument was out of the range of the valid values. 它可以在我自己的计算机上正常工作，但是当我部署到服务器时，出现此错误：指定的参数超出有效值范围。 Parameter name: keyExpirationTime 参数名称：keyExpirationTime

Source: System.IdentityModel Stack Trace pointsto one of the overloaded constructors - it seems to have gone from my original call to CreateSessionSecurityToken through the TokenHandler and then via a couple of constructors. 来源：System.IdentityModel Stack跟踪指向一个重载的构造函数-似乎已经从我最初的调用通过TokenHandler然后通过几个构造函数转到CreateSessionSecurityToken。

My SessionAuthenticationModule is a class I have written myself but derives from System.IdentityModel.Services.SessionAuthenticationModule and overrides the OnPostAuthenticateRequest. 我的SessionAuthenticationModule是我自己编写的一个类，但派生自System.IdentityModel.Services.SessionAuthenticationModule并覆盖OnPostAuthenticateRequest。

I am sending in DateTime.Now and DateTime.Now.AddMinutes(20) for the validFrom and validTo params (on a separate note, can this be a configuration setting and if so where? - obviously I could set up an AppSetting for the minutes but presumably there is a security configuration setting somewhere?) 我正在发送有效时间和有效时间参数的DateTime.Now和DateTime.Now.AddMinutes（20）（在单独的注释上，这可以是配置设置吗？如果可以的话，在哪里呢？-很明显，我可以在几分钟内设置一个AppSetting但大概是某个地方有安全配置设置？）

I have searched for this error message but cannot find any mention of it. 我已经搜索了此错误消息，但找不到任何提及。

I have used FederationAuthentication.SessionAuthenticationModule.CreateSessionSecurityToken and have also tried HttpContext.Current.ApplicationInstance.Modules("SessionAuthenticationModule") - both work on my dev machine but neither work on the server. 我使用了FederationAuthentication.SessionAuthenticationModule.CreateSessionSecurityToken，还尝试了HttpContext.Current.ApplicationInstance.Modules（“ SessionAuthenticationModule”）-两者都可以在我的开发机上工作，但不能在服务器上工作。

The server has Windows 2008 R2, I have Windows 7 Professional. 该服务器具有Windows 2008 R2，我具有Windows 7 Professional。 Both have IIS 7.5.7600.16385. 两者都具有IIS 7.5.7600.16385。 Both have .NET 4.5 installed using the dotNetFx45_Full_setup.exe v4.5.50709.17929. 两者都使用dotNetFx45_Full_setup.exe v4.5.50709.17929安装了.NET 4.5。 For testing I am just using a virtual app under the Default Web Site which uses a 64-bit app pool with an Integrated pipeline and both app pools run under the AppPoolIdentity. 为了进行测试，我只是在默认网站下使用一个虚拟应用程序，该网站使用具有集成管道的64位应用程序池，并且两个应用程序池都在AppPoolIdentity下运行。

The CreateSessionSecurityToken is called from a page which executes after the sessionauthennticationmodule has added a claim. 从sessionauthenntication模块添加声明后执行的页面中调用CreateSessionSecurityToken。

It's bound to be something fairly simple but I need help figuring out what it is! 它一定很简单，但是我需要帮助弄清楚它是什么！ Would really appreciate some help. 非常感谢您的帮助。

thanks Phil 谢谢菲尔

1 个解决方案

All samples says "Use DateTime.UtcNow", can you try it? 所有样本都显示“ Use DateTime.UtcNow”，您可以尝试吗？ Also you can paste null to a ValidTo to specify that the value should be determined by adding the value of the SessionSecurityTokenHandler.DefaultTokenLifetime property to the time specified by the validFrom parameter. 您还可以将null粘贴到ValidTo，以指定应通过将SessionSecurityTokenHandler.DefaultTokenLifetime属性的值添加到validFrom参数指定的时间来确定该值。