What makes the FederatedAuthentication.SessionAuthenticationModule return NULL?

Question

I'm not sure why but my FederatedAuthentication.SessionAuthenticationModule is resolving as NULL and crashing my app when I try to run my ClaimsTransformer() module:

    public void EstablishSession(ClaimsPrincipal principal)
    {
        var sessionToken = new SessionSecurityToken(principal, TimeSpan.FromHours(8))
        {
            IsPersistent = false, // make persistent
            IsReferenceMode = true // cache on server
        };


        FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);
       // FederatedAuthentication.SessionAuthenticationModule == null and I throw an error :(
    }

Here's what's in my web.config:

<configSections>
  <section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
  <section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>
<system.web>
  <authentication mode="None" />
</system.web>
<system.webServer>
  <modules runAllManagedModulesForAllRequests="true">
    <remove name="RoleManager" />
    <remove name="FormsAuthentication" />
    <remove name="SessionAuthenticationModule" />
    <add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
  </modules>
</system.webServer>
<system.identityModel>
  <identityConfiguration>
    <claimsAuthenticationManager type="Web.Infrastructure.Authentication.ClaimsTransformer, Web" />
  </identityConfiguration>
</system.identityModel>
<system.identityModel.services>
  <federationConfiguration>
    <cookieHandler requireSsl="false" />
  </federationConfiguration>
</system.identityModel.services>

This is driving me crazy as I have the code running in a (proof of concept) project without any problems, and appears is all I need to get this functionality working, but for some strange reason, when I try to implement in our real project, my FederatedAuthentication.SessionAuthenticationModule is always NULL.

What am I missing here? Any Ideas? Why is the SessionAuthenticationModule not initializing correctly?

Why you add three 'remove' node before adding SessionAuthenticationModule? — Danila Polevshchikov, Jul 10 '13 at 09:18
In case the setting was added somewhere else in the .config chain. Removing then added I've seen before, and since my code was not working, I was trying everything... — user1265146, Jul 10 '13 at 14:46

score 15 · Accepted Answer · edited Aug 17 '16 at 12:06

15

I'm having almost same behavior with already-working project and FederatedAuthentication.WSFederationAuthenticationModule.

Problem solved my switching from IIS Express to full IIS (bad merge of for project file).

Also you can try to add this module not only to a section, but :

<system.web>
<httpModules>
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />

You may refer to this MSDN article for a sample.

edited Aug 17 '16 at 12:06

Stacked

6,892
7
57
73

answered Jul 16 '13 at 11:55

Danila Polevshchikov

2,228
2
24
35

Yes.. I discovered the Casini problem just the other day, only by chance as another developer was using IIS, and needed to change the port locally on the project and it got checked into TFS :) – user1265146 Jul 16 '13 at 17:24
2

IIS *Express* (or full IIS) works for me, just not the Visual Studio Development Server ("Cassini"). – Tom Robinson Jan 24 '14 at 15:11

score 1 · Answer 2 · answered Mar 06 '15 at 23:32

I've been having this problem and just solved it by adding the following to my web.config. Worth a try if anyone else is having the same problem.

  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true">
      <remove name="FormsAuthenticationModule" />
      <add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"></add>
    </modules>
  </system.webServer>

score 0 · Answer 3 · answered Jan 19 '18 at 17:43

Check your web.config:

<configSections>
   <section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
   <section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>

<system.webServer>
   <modules>
      <add name="SessionAuthenticationModule" 
            type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
   </modules>
</system.webServer>

<system.identityModel.services>
   <federationConfiguration>
      <cookieHandler requireSsl="false" />
   </federationConfiguration>
</system.identityModel.services>

What makes the FederatedAuthentication.SessionAuthenticationModule return NULL?

3 Answers3

Linked