+xBy default the ISsoSessionStore is implemented by the DistributedSsoSessionStore. This in turns uses an IDistributedCache to store the SSO session data. The default implementation of IDistributedCache is the MemoryDistributedCache. If you need the SSO session store to persist of application restarts, you could supply a persistent implementation of IDistributedCache. SsoSessionState is intended to be internal. Hello again, We now have a simple redis cache up and running but I don't really see how this will actually help us to make the session store persistant after restart. After a quick look at in the implementation DistributedSsoSessionStore the session will not be matched to the existing cookie due to "private static readonly string cookieName = string.Format("{0}-{1}", (object) "saml-session", (object) Guid.NewGuid().ToString());" A couple questions: - Is there any way we can support application restart without writing our own implementation of ISsoSessionStore? - I don't really see the use case or purpose of creating a new "saml-session-[sessionId]" cookie each time application restarts without taking any consideration to the one before. Care to elaborate? Why not always use "saml-session-id" as the cookie name? There's at least two use-cases for us that I can think of that is not working at the moment: - Signout after application restart - Application restart while user is signing in at partner identityprovider
|