0

I am trying to implement claims-based security in a web application. I have a class like this:

public class AuthorisationManager : ClaimsAuthorizationManager
{
    public override bool CheckAccess(AuthorizationContext context)
    {
        //if (context.Principal.Identity.IsAdmin())
        //    return true;
        var resource = context.Resource.First().Value;
        var action = context.Action.First().Value;
        return context.Principal.HasClaim(resource, action);
    }
    public override void LoadCustomConfiguration(System.Xml.XmlNodeList nodelist)
    {
        base.LoadCustomConfiguration(nodelist);
    }
}

And I have a CustomPrinciple like this:

public class CustomPrinciple : ClaimsPrincipal
{
    public CustomPrinciple(IIdentity identity)
        : base(identity)
    {
    }
}

It's always returning false because context.Principal is a WindowsPrincipal. I tried to set it in Global.asax.cs like this:

protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
    HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];

    if (authCookie != null)
    {
        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

        PermissionManager mgr = new PermissionManager();
        mgr.CheckUserAccess("", "");
        mgr.LoadPermissionModel("XYZ");

        HttpContext.Current.User = mgr.LoadPermissionModel("ABC");
        Thread.CurrentPrincipal = HttpContext.Current.User;
        AppDomain.CurrentDomain.SetThreadPrincipal(Thread.CurrentPrincipal);
    }
}

How can I change it so that I can get the CustomPrinciple in CheckAccess(AuthorizationContext context)?

Thanks

3
  • 1
    I guess you have <authorization mode="Windows"> in your web.config instead of "Forms" or "None" (both should work with claims based auth).
    Commented Feb 25, 2013 at 10:58
  • You are right. I am able to get GenericPrincipal now in AuthorizationManager, but I still need to get CustomPrinciple in that.
    – D J
    Commented Feb 26, 2013 at 7:25
  • @WiktorZychla I am able to get it now. Thanks for this. You can add it as an answer so that I can accept it. Thanks a lot again.
    – D J
    Commented Feb 26, 2013 at 7:32

1 Answer

2

(The suggested answer to be accepted):

I guess you have <authorization mode="Windows"> in your web.config instead of Forms or None (both should work with claims based auth).

1
  • I am using a WCF service and have set authorizationMode to 'None' and still getting a WindowsPrincipal the second time CheckAccess is called. (Yes it's called with a ClaimsPrincipal the first time - where the principal matches my incomingPrincipal from my ClaimsAuthenticationManager, but with a WindowsPrincipal the second time).
    – Arnaud
    Commented Feb 17, 2014 at 1:52
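
Added example, not part of the original answer or thread: one way to put a claims principal on the request so that CheckAccess receives it, once web.config uses forms authentication (in ASP.NET the element that carries the mode attribute is <authentication>). CustomPrinciple is the question's class; LoadPermissions and its data are hypothetical stand-ins for the real permission store.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Security.Principal;
using System.Threading;
using System.Web;
using System.Web.Security;

// Assumes web.config contains: <system.web><authentication mode="Forms" /></system.web>
public class CustomPrinciple : ClaimsPrincipal
{
    public CustomPrinciple(IIdentity identity) : base(identity) { }
}

public class Global : HttpApplication
{
    protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
    {
        HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie == null || string.IsNullOrEmpty(authCookie.Value)) return;

        FormsAuthenticationTicket ticket;
        try { ticket = FormsAuthentication.Decrypt(authCookie.Value); }
        catch (Exception) { return; } // malformed or tampered cookie: stay anonymous
        if (ticket == null || ticket.Expired) return;

        var claims = new List<Claim> { new Claim(ClaimTypes.Name, ticket.Name) };
        // Claim type = resource, claim value = action, so that
        // HasClaim(resource, action) in the question's CheckAccess can match.
        claims.AddRange(LoadPermissions(ticket.Name).Select(p => new Claim(p.Key, p.Value)));

        // A non-empty authentication type makes Identity.IsAuthenticated true.
        var principal = new CustomPrinciple(new ClaimsIdentity(claims, "Forms"));
        HttpContext.Current.User = principal;
        Thread.CurrentPrincipal = principal;
        // AppDomain.SetThreadPrincipal is left out on purpose: it is app-domain
        // wide and can be set only once, so it must never carry a per-request user.
    }

    // Hypothetical lookup with constructed data; an unknown user gets no
    // permission claims, so every CheckAccess call for them returns false.
    private static IEnumerable<KeyValuePair<string, string>> LoadPermissions(string user)
    {
        if (user == "alice")
            yield return new KeyValuePair<string, string>("Orders", "Read");
    }
}
```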
