Question about DatabaseSSOSessionStore

When using DatabaseSSOSessionStore, how is the session information bound to a user?

Is it done with a cookie similar to the normal session or is it up to the developer to come up with their own scheme to associate the session with the user.

This documentation isn’t super clear on this point.


It’s up to the developer to use whatever mechanism suits the application.
The ISSOSessionStore interface includes a SessionID property that must return a unique identifier associated with the browser session.
The DatabaseSSOSessionStore implements this property by using the ASP.NET session ID (ie associated with the ASP.NET cookie, assuming there is one).
If there is no ASP.NET cookie then you can provide your own implementation of the SessionID property using a custom cookie or any other mechanism.

We have used DatabaseSSOSessionStore to store sessions in SSOSessions Table as we have web farm scenario. But the session data is not getting inserted in SSOSessions Table.
We used the following code
SAMLConfiguration.SSOSessionStore = new DatabaseSSOSessionStore(ConfigurationManager.ConnectionStrings[“SAMLConString”].ConnectionString, “SSOSessions”);
We tried to use Save method like sessionStore.Save(sessionStore); but the data is not getting saved.

Let us know if there is anything we are missing. If possible could you share any sample code.

Thank you.

There isn’t really any code other than setting the SAMLConfiguration.SSOSessionStore property as you’ve done. The rest is configuration including creating the database and table as described in the Developer Guide.
Are you seeing anything stored in the database table?
Are exceptions being thrown?
Could you please enable SAML trace and send the generated log file as an email attachment to mentioning this post?