Base solution for your next web application
Open Closed

Losing ClaimsPrincipal #158


User avatar
0
pnw created

In Global.asax, I create a name claim and set it to the Thread and HttpContext principals.

Before leaving BeginRequest, I confirm that p.Identity is a ClaimsIdentitythat has Name = "45678" and IsAuthenticated=true.

protected override void Application_BeginRequest(object sender, EventArgs e)
        {
            SetupPrincipal();
            base.Application_BeginRequest(sender, e);
        }

        private static void SetupPrincipal()
        {
            var uid = HttpContext.Current.Request.Headers["userid"];
            if (uid == null) uid = "45678";

            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, uid)
            };
            var id = new ClaimsIdentity(claims, "wsso");
            var p = new ClaimsPrincipal(id);
            Thread.CurrentPrincipal = p;
            HttpContext.Current.User = p;
        }

Then I have my custom AbpSession that DI creates after BeginRequest. When I access the UserId:

public long? UserId
        {
            get
            {
                var cp = ClaimsPrincipal.Current;

                return 12345; // TODO how to get this from cookie!
            }
        }
ClaimsPrincipal.Current.Identities

is of WindowsIdentityand Name="" and IsAuthenticated=false. The claims collection is empty.

Why did APB destroy my Principal? How am I supposed to feed my user id into AbpSession?


1 Answer(s)
  • User Avatar
    0
    hikalkan created
    Support Team

    This discussion continues on <a class="postlink" href="https://github.com/aspnetboilerplate/aspnetboilerplate/issues/527">https://github.com/aspnetboilerplate/as ... issues/527</a>.