Reputation: 1146
ASP.NET Identity 2.0, self hosted OWIN, NTLM and application roles persistance
I'm currently trying to get my hands on ASP.NET Identity 2.0 and there are some aspects I'm not finding answers to:
Here's my setup:
- WebAPI 2 self hosted with Nowin (I need full SignalR but my server's not running 2012 r2)
- A custom NTLM implementation
- ASP.NET Identity 2.0 with own
IdentityDbContext<>
What's working so far:
- The WebAPI
- The custom NTLM
AuthenticationHandler<>(I can access theUser.Identityin ApiControllers - Adding claims
My actual question
The claims I add to the identity aren't persisted to the database so they don't survive application restarts, nor are they correctly linked to the actual windows identity so two "sessions" of the same user can have different claims.
What I actually expected is that the ASP.NET Identity 2.0 creates some sort of "local (application) user" once I'm authenticated (from a successful NTLM handshake) where the application claims are stored.
I'm pretty sure there's some plumbing code missing somewhere, but I can't find where.
Upvotes: 0
Views: 813
Answers (1)
Reputation: 1146
After a good amount of fiddling around the solutions is the following:
- Create a passive authentication middleware that does the NTLM authentication when asked to
- Create a custom action on the Accounts controller to transform the NTLM/Windows identity to an application identity and sign in with that one.
Upvotes: 1
Related Questions
- ASP.NET Identity in a Web API
- Implementing identity server behind web api owin authentication
- OWIN WebAPI 2 Bearer authentication custom identity
- Web Api Asp.Net Identity
- ASPNet Identity Authentication MVC5 Client web site->Auth Server-> Web API server
- Identity Server and web api for user management
- Configuring ASP.Net Identity for an ASP.Net WebAPI application
- How do I use ASP.NET Identity across my MVC and WebAPI?
- Claims Auth with OWIN Self Hosted WebApi
- How to setup OWIN with Windows authentication and a custom role provider