

ASP.NET MVC - Custom IIdentity or IPrincipal with Windows Authentication


I am working on an intranet site with Windows Authentication for logins. However, I want to extend the IPrincipal to have other properties. For instance, I'd like to get the user's FirstName in @User.FirstName or User.AuthorizedActivity("Admin/Permissions/Edit") (would retrieve from db) using activities instead of roles to hide certain links, etc. I am really having a heck of a time figuring this out over the past 2 days and find much information doing this with Windows Authentication.
My CustomPrincipal and BaseViewPage setup:

    using System;
    using System.Security.Principal;
    using System.Web.Mvc;

    namespace Intranet_v2.Helpers
    {
        public interface ICustomPrincipal : IPrincipal
        {
            Guid UserGuid { get; set; }
            string FirstName { get; set; }
            string LastName { get; set; }
            string FullName { get; set; }
        }

        public class CustomPrincipal : ICustomPrincipal
        {
            public IIdentity Identity { get; private set; }
            public bool IsInRole(string role) { return false; }

            public CustomPrincipal(string identity)
            {
                this.Identity = new GenericIdentity(identity);
            }

            public Guid UserGuid { get; set; }
            public string FirstName { get; set; }
            public string LastName { get; set; }
            public string FullName { get; set; }
        }

        public class CustomPrincipalSerializeModel
        {
            public Guid UserGuid { get; set; }
            public string FirstName { get; set; }
            public string LastName { get; set; }
            public string FullName { get; set; }
        }

        public class BaseController : Controller
        {
            protected virtual new CustomPrincipal User
            {
                get { return HttpContext.User as CustomPrincipal; }
            }
        }

        public abstract class BaseViewPage : WebViewPage
        {
            public virtual new CustomPrincipal User
            {
                get { return base.User as CustomPrincipal; }
            }
        }

        public abstract class BaseViewPage<TModel> : WebViewPage<TModel>
        {
            public virtual new CustomPrincipal User
            {
                get { return base.User as CustomPrincipal; }
            }
        }
    }

Views Web.Config BaseViewPage:

    <system.web.webPages.razor>
      <host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      <pages pageBaseType="Intranet_v2.Helpers.BaseViewPage">
        <namespaces>
          <add namespace="System.Web.Mvc" />
          <add namespace="System.Web.Mvc.Ajax" />
          <add namespace="System.Web.Mvc.Html" />
          <add namespace="System.Web.Optimization"/>
          <add namespace="System.Web.Routing" />
          <add namespace="Intranet_v2" />
        </namespaces>
      </pages>
    </system.web.webPages.razor>

I think my main problem is I have no idea what to do in the protected void Application_PostAuthenticateRequest(object sender, EventArgs args) for my Global.asax.cs file. I have a poor attempt at setting it up here:

    protected void Application_PostAuthenticateRequest(object sender, EventArgs args)
    {
        //var application = (HttpApplication)sender;
        var context = application.Context;
        if (context.User != null || !context.User.Identity.IsAuthenticated) return;
        var formsIdentity = (FormsIdentity)context.User.Identity;
        if (formsIdentity == null) return;
        var ticket = formsIdentity.Ticket;
        JavaScriptSerializer serializer = new JavaScriptSerializer();
        CustomPrincipalSerializeModel serializeModel = serializer.Deserialize<CustomPrincipalSerializeModel>(ticket.UserData);
        CustomPrincipal newUser = new CustomPrincipal(ticket.Name);
        newUser.UserGuid = serializeModel.UserGuid;
        newUser.FirstName = serializeModel.FirstName;
        newUser.LastName = serializeModel.LastName;
        newUser.FullName = serializeModel.FullName;
        var values = ticket.UserData.Split('|');
        var roles = values[1].Split(',');
        context.User = new GenericPrincipal(new GenericIdentity(ticket.Name, "Forms"), roles);
    }

Now I'm at the point where @User.Name is now null. I'm in way over my head on this. Any help is appreciated. My protected void Application_PostAuthenticateRequest(object sender, EventArgs args) is completely out of whack.
All I want to do is rely on Windows Authentication to do what it does normally and add a few extra properties to the HttpContext.Current.User. Any help is appreciated... I can't be the only one trying to do this.
What I normally do is just request the additional user information later. For instance, using an Extension method like:
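
    using System.Security.Principal;
    using System.Web;

    public static class PrincipalExtensions
    {
        // Loads the user's record once and caches the values in session.
        private static void Initialize(string userName)
        {
            // LoadUserRecord is a placeholder: get user information from DB.
            var userRecord = LoadUserRecord(userName);
            var session = HttpContext.Current.Session;
            if (session != null)
            {
                session.Add("UserID", userRecord.ID);
                session.Add("UserEmail", userRecord.Email);
                //And so on
            }
        }

        public static long? GetUserID(this IPrincipal user)
        {
            var session = HttpContext.Current.Session;
            if (session == null) return null;

            // Lazy load: hit the DB only when the value is not cached yet.
            if (session["UserID"] == null)
                Initialize(user.Identity.Name);
            return session["UserID"] as long?;
        }
    }
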
This is roughly what I implement in some of my projects; rather than tapping into the login process and storing it in the cookie, the system can lazy load the information and cache it in session when the information is needed.
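
Added example, not code from the question or the answer: one way to attach extra properties under Windows Authentication is to wrap the principal IIS already authenticated rather than rebuild it from a FormsIdentity ticket, so the identity and group checks are preserved. `WindowsCustomPrincipal`, `UserStore` and the `CORP\jdoe` row are hypothetical names and constructed data standing in for the real database lookup.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;
using System.Web;

// Wraps the authenticated principal instead of replacing its identity.
public class WindowsCustomPrincipal : IPrincipal
{
    private readonly IPrincipal _inner;
    private readonly HashSet<string> _activities;
    public WindowsCustomPrincipal(IPrincipal inner, string firstName, IEnumerable<string> activities)
    {
        if (inner == null) throw new ArgumentNullException("inner");
        _inner = inner;
        FirstName = firstName;
        _activities = new HashSet<string>(activities ?? new string[0], StringComparer.OrdinalIgnoreCase);
    }
    public string FirstName { get; private set; }
    public IIdentity Identity { get { return _inner.Identity; } }
    // Group checks still go to the original WindowsPrincipal.
    public bool IsInRole(string role) { return _inner.IsInRole(role); }
    // Deny by default: only activities loaded for this user pass.
    public bool AuthorizedActivity(string activity)
    {
        return activity != null && _activities.Contains(activity);
    }
}

public static class UserStore // hypothetical: stands in for the DB lookup
{
    public static WindowsCustomPrincipal Wrap(IPrincipal inner)
    {
        // Constructed sample row; unknown accounts get no name and no activities.
        bool known = string.Equals(inner.Identity.Name, @"CORP\jdoe", StringComparison.OrdinalIgnoreCase);
        return new WindowsCustomPrincipal(inner, known ? "Jane" : null,
            known ? new[] { "Admin/Permissions/Edit" } : new string[0]);
    }
}

public class MvcApplication : HttpApplication // Global.asax.cs
{
    protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
    {
        var user = Context.User;
        if (user == null || !user.Identity.IsAuthenticated) return;
        if (!(user.Identity is WindowsIdentity)) return; // Windows auth only, no Forms ticket
        Context.User = UserStore.Wrap(user);
    }
}
```

Hiding a link with `AuthorizedActivity` only changes what the view renders; the controller action behind that link has to make the same check on the server. The lookup runs on every request here, so it can be cached per user in the way the answer above describes.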
