Hi everyone!
I'm developing a standard Federated Application, that consists of 3 elements:
- Client - Sample Website project
- Secure Token Service - creates a Tokens and adds some information as a Claims in a ClaimSet
- Service - WCF service with [OperationContract] bool CanUserGoFurther (...)
So how does it work?:
Client Application requests for a SamlToken from STS
(wsFederationHttpBinding), and asks Service (wsHttpBinding) for some
stuff. Service aplication analyses Token claims using:
OperationContext.Current.ServiceSecurityContext.AuthorizationContext.ClaimSets
and replies to the client.
Every thing works fine (the token is requested, clients gets correct
reply), but I want to avoid requesting for a token each time I need to
analyse users Claims. Is there any way to store SecuretToken in a
session or as a cookie, so as to avoid constant requesting for Token?
--
greetings