Skip to content

Instantly share code, notes, and snippets.

@woloski
Created June 21, 2012 19:28
Embed
What would you like to do?
WIF disabling encryption and signature on cookies
protected void Application_Start()
{
FederatedAuthentication.ServiceConfigurationCreated += OnServiceConfigurationCreated;
}
void OnServiceConfigurationCreated(object sender,
ServiceConfigurationCreatedEventArgs e)
{
List<CookieTransform> sessionTransforms =
new List<CookieTransform>(
new CookieTransform[]
{
new DeflateCookieTransform(),
//new RsaEncryptionCookieTransform("some x509 cert with private key"),
//new RsaSignatureCookieTransform("some x509 cert with private key")
}
);
var sessionHandler = new SessionSecurityTokenHandler(sessionTransforms.AsReadOnly());
e.ServiceConfiguration.SecurityTokenHandlers.AddOrReplace(sessionHandler);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment