Hello,
I see that Federated Identity stores Security token to a cookie, after its first request to the STS(Secure Token Service). In that case if I disable cookie in my browser, how does it work.
Does the authentication module again connects to the STS to retrieve the user information or will it throw any error ?
Is there any way that I can use federated authentication cookieless ?
First, please see this discussion for what happens when you log on. http://stackoverflow.com/questions/2897422/where-federation-authentication-token-is-saved-wif-sts/2899628#2899628
I believe that you would need to override a number of classes in the WIF framework to have anything resembling a 'cookieless' Windows Identity Foundation. I wouldn't recommend it.
I tried disabling cookies in my browser. The result is that once I log in, I get immediately redirected back to the STS. I had somewhat expected to see an error message, but there was none.