ComponentSpace

Forums



Being able to signout even after application restart (default inmemorycache)


Being able to signout even after application restart (default...

Author
Message
[email protected]...
david.ernstsson@stratsys.se
New Member
New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)

Group: Forum Members
Posts: 11, Visits: 39
Case:
- Currently using default implementation of ISsoSessionStore with inmemorycache. Thus state is lost when restart.
- Would still like to be able to logout user from partner idp after application restart.
- We've implemented a custom authentication middleware so we have full control of authentication flow
- We know the specific configuration and partner at signoutpoint in middleware

"What we would like to do"
- We would somehow want to have access to the Saml SessionIndex in CustomSamlClaimFactory so that we could then add it to our user identity cookie.
- We would thus later like to be able to initialize a state from the SessionIndex in the middleware when attempting to logout user and the memorycache has been cleared

Anything unclear? Valid usecase?

We can't really see how to do this but I might be missing something. For starters SsoSessionState is internal class


ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
By default the ISsoSessionStore is implemented by the DistributedSsoSessionStore.
This in turns uses an IDistributedCache to store the SSO session data.
The default implementation of IDistributedCache is the MemoryDistributedCache.
If you need the SSO session store to persist of application restarts, you could supply a persistent implementation of IDistributedCache.
SsoSessionState is intended to be internal.

Regards
ComponentSpace Development
[email protected]...
david.ernstsson@stratsys.se
New Member
New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)New Member (17 reputation)

Group: Forum Members
Posts: 11, Visits: 39
ComponentSpace - 6/27/2017
By default the ISsoSessionStore is implemented by the DistributedSsoSessionStore.
This in turns uses an IDistributedCache to store the SSO session data.
The default implementation of IDistributedCache is the MemoryDistributedCache.
If you need the SSO session store to persist of application restarts, you could supply a persistent implementation of IDistributedCache.
SsoSessionState is intended to be internal.

Hello again,

We now have a simple redis cache up and running but I don't really see how this will actually help us to make the session store persistant after restart. After a quick look at in the implementation DistributedSsoSessionStore the session will not be matched to the existing cookie due to  "private static readonly string cookieName = string.Format("{0}-{1}", (object) "saml-session", (object) Guid.NewGuid().ToString());"

A couple questions:
- Is there any way we can support application restart without writing our own implementation of ISsoSessionStore?
- I don't really see the use case or purpose of creating a new "saml-session-[sessionId]" cookie each time application restarts without taking any consideration to the one before. Care to elaborate? Why not always use "saml-session-id" as the cookie name?

There's at least two use-cases for us that I can think of that is not working at the moment:
- Signout after application restart
- Application restart while user is signing in at partner identityprovider



ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
This is an area we're interested in enhancing.
I'll reply to your email to discuss your requirements and propose possible solutions.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search