public SessionIdentity(UserID user, SecurityID security, string userName,
string cookieString, IEnumerable<string> permissions, string token)
{
User = user;
Security = security;
UserName = userName;
SessionDisplay = String.Format("{0} ({1})", UserName, User.GetIdenfitier());
CookieString = cookieString;
Permissions = new HashSet<string>(permissions);
Token = token;
}