Microsoft Identity Model for claims based authentication uses SessionSecurityTokenHandler to create cookie. This cookie is encrypted using DPAPI. This will not work if you are going to deploy your applications in Webfarm or in general Microsoft Azure platform. To support Web Farm deployment we need to remove the default Cookie Transform used by the Session Security Handler and then add our own customized cookie transform.
We need to provide two cookie transforms
- For encryption based upon the machine key settings
- HMAC-SHA1 cookie transform for tamper proofing of the cookie.
In next few days, my team will be providing both the cookie transforms and sample code to demonstrate this.
Thanks,
Ashwani
No comments:
Post a Comment