问题
I'm using the Session Authentication Module to store the user claims in the authentication cookie.
What is the recommended approach to update the user's claims whilst they are logged in? An example would be if they update their profile (First Name/Last Name) and we want to update the associated claims.
I don't want to log the user out when this happens so DeleteSessionTokenCookie is not an option.
回答1:
Set a new session cookie with SAM.WriteSessionTokenToCookie.
回答2:
Leastprivilege's answer is correct.
But in response to Vijay V's comment, here's example code on how to update the cookie after adding new claims to your claims principal:
var sam = FederatedAuthentication.SessionAuthenticationModule;
if (sam != null)
{
var token = new SessionSecurityToken(claimsPrincipal);
sam.WriteSessionTokenToCookie(token);
}
Pulled the code from here.
来源:https://stackoverflow.com/questions/15157841/how-to-update-a-claim-when-using-session-authentication-module-sam