asp.net-mvc


ASP.NET MVC - Custom IIdentity or IPrincipal with Windows Authentication


I am working on an intranet site with Windows Authentication for logins. However, I want to extend the IPrincipal to have other properties. For instance, I'd like to get the user's FirstName in #User.FirstName or User.AuthorizedActivity("Admin/Permissions/Edit") (would retrieve from db) using activities instead of roles to hide certain links, etc. I am really having a heck of a time figuring this out over the past 2 days and find much information doing this with Windows Authentication.
My CustomPrincipal and BaseViewPage setup:
namespace Intranet_v2.Helpers
{
public interface ICustomPrincipal : IPrincipal
{
Guid UserGuid { get; set; }
string FirstName { get; set; }
string LastName { get; set; }
string FullName { get; set; }
}
public class CustomPrincipal : ICustomPrincipal
{
public IIdentity Identity { get; private set; }
public bool IsInRole(string role) { return false; }
public CustomPrincipal(string identity)
{
this.Identity = new GenericIdentity(identity);
}
public Guid UserGuid { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
public string FullName { get; set; }
}
public class CustomPrincipalSerializeModel
{
public Guid UserGuid { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
public string FullName { get; set; }
}
public class BaseController : Controller
{
protected virtual new CustomPrincipal User
{
get { return HttpContext.User as CustomPrincipal; }
}
}
public abstract class BaseViewPage : WebViewPage
{
public virtual new CustomPrincipal User
{
get { return base.User as CustomPrincipal; }
}
}
public abstract class BaseViewPage<TModel> : WebViewPage<TModel>
{
public virtual new CustomPrincipal User
{
get { return base.User as CustomPrincipal; }
}
}
}
Views Web.Config BaseViewPage:
<system.web.webPages.razor>
<host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<pages pageBaseType="Intranet_v2.Helpers.BaseViewPage">
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Optimization"/>
<add namespace="System.Web.Routing" />
<add namespace="Intranet_v2" />
</namespaces>
</pages>
I think my main problem is I have no idea what to do in the protected void Application_PostAuthenticateRequest(object sender, EventArgs args) for my Global.asax.cs file. I have a poor attempt at setting it up here:
protected void Application_PostAuthenticateRequest(object sender, EventArgs args)
{
//var application = (HttpApplication)sender;
var context = application.Context;
if (context.User != null || !context.User.Identity.IsAuthenticated) return;
var formsIdentity = (FormsIdentity)context.User.Identity;
if (formsIdentity == null) return;
var ticket = formsIdentity.Ticket;
JavaScriptSerializer serializer = new JavaScriptSerializer();
CustomPrincipalSerializeModel serializeModel = serializer.Deserialize<CustomPrincipalSerializeModel>(ticket.UserData);
CustomPrincipal newUser = new CustomPrincipal(ticket.Name);
newUser.UserGuid = serializeModel.UserGuid;
newUser.FirstName = serializeModel.FirstName;
newUser.LastName = serializeModel.LastName;
newUser.FullName = serializeModel.FullName;
var values = ticket.UserData.Split('|');
var roles = values[1].Split(',');
context.User = new GenericPrincipal(new GenericIdentity(ticket.Name, "Forms"), roles);
}
Now I'm at the point where #User.Name is now null. I'm in way over my head on this. Any help is appreciated. My protected void Application_PostAuthenticateRequest(object sender, EventArgs args) is completely out of wack.
All I want to do is rely on Windows Authentication to do what it does normally and add a few extra properties to the HttpContext.Current.User. Any help is appreciated... I can't be the only one trying to do this.
What I normally do is just request the additional user information later. For instance, using an Extension method like:
public static class PrincipalExtensions
{
private static void Initialize(string userName)
{
var userRecord = //Get user information from DB;
var session = HttpContext.Current.Session;
if (session != null)
{
session.Add("UserID", userRecord.ID);
session.Add("UserEmail", userRecord.Email);
//And so on
}
}
public static long? GetUserID(this IPrincipal user)
{
var id = HttpContext.Current.Session["UserID"] as long?;
if (id == null)
Initialize();
return (long)HttpContext.Current.Session["UserID"];
}
}
This is roughly what I implement in some of my projects; rather than tapping into the login process and store it in the cookie, the system can lazy load the information and cache in session when the information is needed.

Related Links

Clarification on using ELAMH in ASP.NET MVC
How to keep model state in a MVC4 view…?
using api area. ASP.NET MVC
MVC disable unobtrusive validation for specific validator
How can I handle derived types in Entity Framework 5 Code First and MVC?
How to properly implement a drop-down box using <SelectListItem> and repository pattern in ASP.NET MVC
MVC 4 Mobile Display Mode Doesn't work after deployment?
Adding dynamic attributes to a model
ASP MVC3 - Link to files on shared folder
How to show Jquery message in MVC from controller
How to get all blobs with are stored inside azure storage container
How to input data to custom column in userprofile table when creating a new user
How to handle site-wide querystring parameters in MVC?
Need help setting up Membership with ASP.NET MVC4/jQuery Mobile
unable to set layout page for a view
What does asp.net mvc 4.0 use for JSON serialization?

Categories

HOME
sbt
opencv
lsf
logstash
dicom
prebuild
styling
runtime-error
twitter-digits
jasypt
payment-processing
sony
whitespace
entity
predictionio
silverlight
higher-order-functions
command-line-arguments
stackexchange-api
html-email
advantage-database-server
sfsafariviewcontroller
multiprocessing
co
semantics
ibm-datapower
netcdf
confidence-interval
weather-api
editorconfig
google-geocoder
ocean
android-imageview
bluebird
svgpanzoom
webcenter
jformattedtextfield
powerbuilder-conversion
dsx
rft
message-hub
psychopy
mdanalysis
formatdatetime
jquery-ui-dialog
nscalendar
pci
psycopg2
name-mangling
website-hosting
orchestrate
webloadui
gpt
omniauth
getelementbyid
mysql-notifier
error-correction
sound-synthesis
jasny-bootstrap
directsound
cufft
sql-server-2016-express
dms
enhanced-ecommerce
oracle-policy-automation
okuma
tag-helpers
document-ready
ssha
session-replication
many-to-one
esky
ppl
devenv
stringr
gevent-socketio
odoo
javaw
information-schema
physx
liferay-hook
tinkerpop-frames
keyboard-navigation
qt4.7
inputview
confirmation
libavcodec
appstore-sandbox
couchrest
glulookat
python-dateutil
hamlc
12factor
xml-dtd
retain
orthographic
android-searchmanager
anemic-domain-model
contracts
68hc11
metaphone
case-tools

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App