asp.net-mvc


ASP.NET MVC - Custom IIdentity or IPrincipal with Windows Authentication


I am working on an intranet site with Windows Authentication for logins. However, I want to extend the IPrincipal to have other properties. For instance, I'd like to get the user's FirstName in #User.FirstName or User.AuthorizedActivity("Admin/Permissions/Edit") (would retrieve from db) using activities instead of roles to hide certain links, etc. I am really having a heck of a time figuring this out over the past 2 days and find much information doing this with Windows Authentication.
My CustomPrincipal and BaseViewPage setup:
namespace Intranet_v2.Helpers
{
public interface ICustomPrincipal : IPrincipal
{
Guid UserGuid { get; set; }
string FirstName { get; set; }
string LastName { get; set; }
string FullName { get; set; }
}
public class CustomPrincipal : ICustomPrincipal
{
public IIdentity Identity { get; private set; }
public bool IsInRole(string role) { return false; }
public CustomPrincipal(string identity)
{
this.Identity = new GenericIdentity(identity);
}
public Guid UserGuid { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
public string FullName { get; set; }
}
public class CustomPrincipalSerializeModel
{
public Guid UserGuid { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
public string FullName { get; set; }
}
public class BaseController : Controller
{
protected virtual new CustomPrincipal User
{
get { return HttpContext.User as CustomPrincipal; }
}
}
public abstract class BaseViewPage : WebViewPage
{
public virtual new CustomPrincipal User
{
get { return base.User as CustomPrincipal; }
}
}
public abstract class BaseViewPage<TModel> : WebViewPage<TModel>
{
public virtual new CustomPrincipal User
{
get { return base.User as CustomPrincipal; }
}
}
}
Views Web.Config BaseViewPage:
<system.web.webPages.razor>
<host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<pages pageBaseType="Intranet_v2.Helpers.BaseViewPage">
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Optimization"/>
<add namespace="System.Web.Routing" />
<add namespace="Intranet_v2" />
</namespaces>
</pages>
I think my main problem is I have no idea what to do in the protected void Application_PostAuthenticateRequest(object sender, EventArgs args) for my Global.asax.cs file. I have a poor attempt at setting it up here:
protected void Application_PostAuthenticateRequest(object sender, EventArgs args)
{
//var application = (HttpApplication)sender;
var context = application.Context;
if (context.User != null || !context.User.Identity.IsAuthenticated) return;
var formsIdentity = (FormsIdentity)context.User.Identity;
if (formsIdentity == null) return;
var ticket = formsIdentity.Ticket;
JavaScriptSerializer serializer = new JavaScriptSerializer();
CustomPrincipalSerializeModel serializeModel = serializer.Deserialize<CustomPrincipalSerializeModel>(ticket.UserData);
CustomPrincipal newUser = new CustomPrincipal(ticket.Name);
newUser.UserGuid = serializeModel.UserGuid;
newUser.FirstName = serializeModel.FirstName;
newUser.LastName = serializeModel.LastName;
newUser.FullName = serializeModel.FullName;
var values = ticket.UserData.Split('|');
var roles = values[1].Split(',');
context.User = new GenericPrincipal(new GenericIdentity(ticket.Name, "Forms"), roles);
}
Now I'm at the point where #User.Name is now null. I'm in way over my head on this. Any help is appreciated. My protected void Application_PostAuthenticateRequest(object sender, EventArgs args) is completely out of wack.
All I want to do is rely on Windows Authentication to do what it does normally and add a few extra properties to the HttpContext.Current.User. Any help is appreciated... I can't be the only one trying to do this.
What I normally do is just request the additional user information later. For instance, using an Extension method like:
public static class PrincipalExtensions
{
private static void Initialize(string userName)
{
var userRecord = //Get user information from DB;
var session = HttpContext.Current.Session;
if (session != null)
{
session.Add("UserID", userRecord.ID);
session.Add("UserEmail", userRecord.Email);
//And so on
}
}
public static long? GetUserID(this IPrincipal user)
{
var id = HttpContext.Current.Session["UserID"] as long?;
if (id == null)
Initialize();
return (long)HttpContext.Current.Session["UserID"];
}
}
This is roughly what I implement in some of my projects; rather than tapping into the login process and store it in the cookie, the system can lazy load the information and cache in session when the information is needed.

Related Links

Asp.net mvc4 bootstrap tab change
MVC pattern and flexibility?
WebApi Action filter called twice
ELMAH SqlErrorLog
How do I use label and display for?
Conditionally adding class based on route
ASP.NET MVC4 + Bootstrap 3 How to apply a different theme?
Display folder name in Visual Studio open file tab
How to use Kendo UI MVC Extensions with require js?
Html.ActionLink forwarding the to controllers right method but not the parameter's value
Log someone out if the same credentials is used to log in from another web client
NSubstitute: Mocking the request, response object inside a MVC/Web Api Controller?
jQuery Ajax POST to send multiple checkbox status to MVC4 controller
Unicode Issue with Chrome
text rendered in partial view still encoded
Problems returning PartialViews from controller

Categories

HOME
math
opencv
opencl
identityserver4
codenameone
compliance
rtmp
saml
passwords
genetic-algorithm
application-cache
r-caret
microsoft-dynamics
calayer
light-inject
cloudrail
imp
qualtrics
slowcheetah
exe4j
accelerated-mobile-page
aikau
nice-language
robotium
zos
epicorerp
abstract-syntax-tree
azure-redis-cache
fat-free-framework
trial
editorconfig
expression-trees
asana-api
jsplumb
panel-data
kube-dns
pvlib
subtotal
sieve-of-eratosthenes
nio
docker-image
decompiler
firedac
polymer-cli
ulimit
wp-api
xargs
psycopg2
recurrence
stroke
database-cleaner
simple.odata.client
ternary
javascript-security
billing
lcov
assembly-references
nuget-package-restore
swift-package-manager
iseries-navigator
manifoldcf
django-errors
vispy
surroundscm
vb4android
telecommunication
facebook-comments
jca
xelement
autopy
python-dragonfly
openejb
hjson
android-gpuimageview
gulp-rename
voting
easynetq
spiceworks
cvs2git
gnat
bitrock
gdk
formhelper
cellular-automata
populate
cfile
nawk
vlfeat
sysadmin
nsusernotificationcenter
emacs-jedi
hogan.js
google-website-optimizer
working-directory
time-limiting
mknetworkkit
letter-spacing
emacs-ecb
coolstorage
machine.config
pastebin
webshop
posterous
usenet

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App