[Dev Tip] Claim-based notes


#1) Set IsAuthenticated = true

The IIdentity interface has the IsAuthenticated property. This is typically set to true whenever you deal with implementations of that interface, e.g as soon as you set the Nameproperty of GenericIdentity, IsAuthenticated is automatically set to true. IIRC in WIF, as soon as a ClaimsIdentity had a claim, IsAuthenticated was set to true.

This has changed in .NET 4.5. It is now possible to create a ClaimsIdentity that has claims, but having IsAuthenticated set to false. Actually this is the default now, when you new upClaimsIdentity like this:

var id = new ClaimsIdentity(claims);

To have IsAuthenticated set to true, you need to specify an authentication type in the ctor:

var id = new ClaimsIdentity(claims, “Custom”);

#2) Claims principal

You don’t need to set the Thread.CurrentPrincipal because the session module will do this for you. You will need to access it through the HttpContext.Current.User because the Thread.Principal is usually set on a different thread than the one accessing your service because it is two different modules in IIS.

Advertisements