Reputation: 57469
How is User Identity | Principal set during the application lifecycle
In ASP.NET (MVC and WebAPI), how is the User Identity object initialized with the data from the FormsAuthentication cookie?
What I want to do is to use 2 types of authentication, cookie based and a custom header based one. Since the AuthorizeAttribute class only checks the User.Identity.IsAuthorized() method and uses no code specific to FormsAuthentication, then that means all I have to do is to manually setup the User.Identity object, whether in the global.asax or in a DelegatingHandler.
So, how do I setup User.Identity? How does the framework automatically set it up using FormsAuthentication?
Upvotes: 7
Views: 7267
Answers (2)
Reputation: 81680
ASP.NET MVC Controller has a Controller.User but Web API does not have one. It is currenty being requested to be put in.
Upvotes: 0
Reputation: 11190
Here is a related answer.
Identity can be set in a handler, in a module, or in Global.asax. You can modify it at any point in the request lifecycle, but usually the best place to do it is in PostAuthenticateRequest. At this point, FormsAuthentication has done it's work and you can augment or replace the HttpContext.Current.User.
Upvotes: 1
Related Questions
- How Does Identity Work in Asp .Net MVC 5
- How does IdentityFactoryOptions<AppIdentityUserManager> options get set?
- When are the Asp.Net Identity are created and assigned to the user?
- When is HttpContext.User.Identity set?
- How does ASP.NET WebAPI using IIS store my users authentication state?
- Where does HttpApplication.User.Identity get updated?
- When does User.Identity.Name get set in MVC4
- What sets User.Identity.IsAuthenticated in an ASP.NET MVC app?
- Who sets the IsAuthenticated property of the HttpContext.User.Identity
- How does IIS persist a user's identity from page to page in an ASP.net application?