FedAuth Token not Expiring with Custom Login
-
05-10-2020 - |
Вопрос
I am trying to login a user into SharePoint 2010 using C#.
This logs the user in correctly, but creates a FedAuth token that does not expire. On the SecurityTokenForFormsAuthentication method that last parameter is "false" is the isPersistant parameter.
I tried setting the tokenGS1.validTo property but that is apparently read-only.
Anyone have an idea about how to get this token to expire correctly?
SecurityToken tokenGS1 = null;
SPIisSettings iisSettings = IisSettings;
Uri appliesTo = new Uri(siteAddress.ToString());
if (string.IsNullOrEmpty(userName) ||
string.IsNullOrEmpty(password))
return null;
SPFormsAuthenticationProvider authProvider = iisSettings.FormsClaimsAuthenticationProvider;
tokenGS1 = SPSecurityContext.SecurityTokenForFormsAuthentication(
appliesTo,
authProvider.MembershipProvider,
authProvider.RoleProvider,
userName,
password,
false);
EstablishSessionWithToken(tokenGS1);
try
{
URLSource = Request.QueryString["Source"].ToString();
}
catch (Exception qstr)
{
URLSource = "https://somewebsite/";
}
Response.Redirect(URLSource);
Решение
Figured it out. The EstablishSessionWithToken(tokeGS1) function had a method that created the token as a sessiontoken.
Не связан с sharepoint.stackexchange