Showing posts with label Session state. Show all posts
Showing posts with label Session state. Show all posts

Saturday 27 November 2010

Change to session cookies for Claims Based Authentication

When you log into SharePoint using Claims Based Authentication, a cookie is written/persisted to ​disk (FedAuth) to persist your session, which prevents you having to be authenticated each time you open a new browser or re-boot.  So using a FedAuth cookie allows the browser to close and re-open windows as long as the FedAuth cookie has not expired.  For ADFS, FedAuth cookie expiry is by default set to expire 10 minute earlier than the SAML token.

You can change the cookie to be session based by running this PowerShell script:

$sts = Get-SPSecurityTokenServiceConfig
$sts.UseSessionCookies = $true
$sts.Update()
iisreset

You can revert back to a disk based cookie (default) by running this:

$sts.UseSessionCookies = $false
$sts.Update()
iisreset

Show cookies on a local machine for Internet Explorer

IE > Internet Options> General > Browser history "Settings" > Temporary Internet Files "View files".

Update 2016/03/10
Tip:  I wanted to examine a cookie to check the user being authenticate, and I opened the cookie using a base64 online decoder https://www.base64decode.org/




Update: 2016/11/23
IE Developer tool bar and Fiddler are great and easy to use and pretty feature rich but lately I have been using Chromes Developer toolbar press "Ctrl" + "Shift" + "i".



Monday 7 June 2010

Using Session State in SharePoint 2010

Problem: I have setup session state but when I try add a custom object (class instance) to me ASP.NET session state (SQL) I get an error "unable to serialize the session state. in 'stateserver' and 'sqlserver' mode asp.net will serialize".
Initial Hypothesis:
I am adding a class to my session state
Client Instance = new Client("Paul", "Male");
HttpContext.Current.Session["ASPNETSession"] = Instance;
The Client class is not marked as Serializable

Resolution:
Mark the "Client" class as [Serializable]
http://dotnetguts.blogspot.com/2009/06/steps-for-session-inproc-mode-to.html

Friday 4 June 2010

SharePoint Session State

Problem: Building a composite application in SharePoint 2010 I need to store information for a user. A basket/shopping cart like feature is required.
Initial Hypothesis: Store data against the user profile, or a custom list and retrieve using Linq/CAML or use session state. Session state is not supported by SP2010 OOTB and it can have severe performance implications.
Resolution: enable ASP.NET session state. This stores the session state in a SQL Server database. Start the Powershell cmd prompt:

Enter the following PowerShell command in the SharePoint 2010 Management Shell window:
or
Enable-SPSessionStateService -DatabaseName "ASPNet_State" -DatabaseServer "spdemo.dev" -SessionTimeout 30Each web application for which you want Edit the web.config file and set the enableSessionState property of the pages element as follows:

More Info:
http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/3145fd29-2315-42f7-8f9d-cf6d52dc3c95
http://www.kajanmoorthy.com/2010/05/enable-session-state-in-sharepoint-2010.html
http://todd-carter.com/post/2010/04/30/A-Session-State-By-Any-Other-Name.aspx