asp.net-mvc


ASP.NET MVC - Custom IIdentity or IPrincipal with Windows Authentication


I am working on an intranet site with Windows Authentication for logins. However, I want to extend the IPrincipal to have other properties. For instance, I'd like to get the user's FirstName in #User.FirstName or User.AuthorizedActivity("Admin/Permissions/Edit") (would retrieve from db) using activities instead of roles to hide certain links, etc. I am really having a heck of a time figuring this out over the past 2 days and find much information doing this with Windows Authentication.
My CustomPrincipal and BaseViewPage setup:
namespace Intranet_v2.Helpers
{
public interface ICustomPrincipal : IPrincipal
{
Guid UserGuid { get; set; }
string FirstName { get; set; }
string LastName { get; set; }
string FullName { get; set; }
}
public class CustomPrincipal : ICustomPrincipal
{
public IIdentity Identity { get; private set; }
public bool IsInRole(string role) { return false; }
public CustomPrincipal(string identity)
{
this.Identity = new GenericIdentity(identity);
}
public Guid UserGuid { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
public string FullName { get; set; }
}
public class CustomPrincipalSerializeModel
{
public Guid UserGuid { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
public string FullName { get; set; }
}
public class BaseController : Controller
{
protected virtual new CustomPrincipal User
{
get { return HttpContext.User as CustomPrincipal; }
}
}
public abstract class BaseViewPage : WebViewPage
{
public virtual new CustomPrincipal User
{
get { return base.User as CustomPrincipal; }
}
}
public abstract class BaseViewPage<TModel> : WebViewPage<TModel>
{
public virtual new CustomPrincipal User
{
get { return base.User as CustomPrincipal; }
}
}
}
Views Web.Config BaseViewPage:
<system.web.webPages.razor>
<host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<pages pageBaseType="Intranet_v2.Helpers.BaseViewPage">
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Optimization"/>
<add namespace="System.Web.Routing" />
<add namespace="Intranet_v2" />
</namespaces>
</pages>
I think my main problem is I have no idea what to do in the protected void Application_PostAuthenticateRequest(object sender, EventArgs args) for my Global.asax.cs file. I have a poor attempt at setting it up here:
protected void Application_PostAuthenticateRequest(object sender, EventArgs args)
{
//var application = (HttpApplication)sender;
var context = application.Context;
if (context.User != null || !context.User.Identity.IsAuthenticated) return;
var formsIdentity = (FormsIdentity)context.User.Identity;
if (formsIdentity == null) return;
var ticket = formsIdentity.Ticket;
JavaScriptSerializer serializer = new JavaScriptSerializer();
CustomPrincipalSerializeModel serializeModel = serializer.Deserialize<CustomPrincipalSerializeModel>(ticket.UserData);
CustomPrincipal newUser = new CustomPrincipal(ticket.Name);
newUser.UserGuid = serializeModel.UserGuid;
newUser.FirstName = serializeModel.FirstName;
newUser.LastName = serializeModel.LastName;
newUser.FullName = serializeModel.FullName;
var values = ticket.UserData.Split('|');
var roles = values[1].Split(',');
context.User = new GenericPrincipal(new GenericIdentity(ticket.Name, "Forms"), roles);
}
Now I'm at the point where #User.Name is now null. I'm in way over my head on this. Any help is appreciated. My protected void Application_PostAuthenticateRequest(object sender, EventArgs args) is completely out of wack.
All I want to do is rely on Windows Authentication to do what it does normally and add a few extra properties to the HttpContext.Current.User. Any help is appreciated... I can't be the only one trying to do this.
What I normally do is just request the additional user information later. For instance, using an Extension method like:
public static class PrincipalExtensions
{
private static void Initialize(string userName)
{
var userRecord = //Get user information from DB;
var session = HttpContext.Current.Session;
if (session != null)
{
session.Add("UserID", userRecord.ID);
session.Add("UserEmail", userRecord.Email);
//And so on
}
}
public static long? GetUserID(this IPrincipal user)
{
var id = HttpContext.Current.Session["UserID"] as long?;
if (id == null)
Initialize();
return (long)HttpContext.Current.Session["UserID"];
}
}
This is roughly what I implement in some of my projects; rather than tapping into the login process and store it in the cookie, the system can lazy load the information and cache in session when the information is needed.

Related Links

What is the right design pattern for custom template types in ASP.NET MVC?
DotNetOpenAuth 4 Sample MVC provider throws exception
Layering an ASP.NET MVC Web Application
Keep my view as clean as possible (for clarity)
create hyperlink with unique id while iterating a model in asp.net mvc
Get Url in post Action of ASP.NET MVC 3
Update Action Trouble
Run an Action in change of DropDownListFor with pass parameters in ASP.NET MVC3 with Razor View Engine
I can’t find the <modules> about UrlRoutingModule When Create a Asp.net MVC 3 Application
Display name in Data Entity framework
Html Helper with special htmlattributes
How can I make an unordered list appear within a foreach loop in MVC3 Razor?
Json() in MVC converts datetime to UTC automatically
Not able to deploy ASP.NET MVC 3
how could i validate 3 fields with jquery.validate or itegrated with asp.net mvc 3 DataAnnotations?
ASP.NET MVC Razor engine show three data in each row?

Categories

HOME
redirect
magento
pyqt5
datetime
quickblox
middleware
prometheus
android-sms
intel-xdk
wso2is
jbpm
android-bluetooth
telerik
identifier
overloading
scale
factory-girl
ssrs-2008
software-distribution
haml
co
wso2cep
desire2learn
simple-html-dom
opensuse
directx-12
pyparsing
azure-api-apps
apex-code
google-crawlers
jdom-2
extjs4
mindstorms
nomenclature
consistency
freerdp
android-studio-2.1
android-calendar
requirements-management
scoring
website-hosting
orchestrate
mashery
column-oriented
assembly-references
nuget-package-restore
findall
android-alertdialog
building
pygments
selenium2library
vb6-migration
isapi-rewrite
trello.net
jni4net
session-replication
mtp
spinach
cbc-mode
bonfire
keypad
size-t
wintersmith
vendor
puppet-enterprise
gcovr
excel-charts
sqlhelper
iqueryable
tinkerpop-frames
textselection
dataformat
ituneslibrary
lightstreamer
batman.js
transport-stream
sysadmin
chromeless
android-actionbar-compat
asp.net-session
mknetworkkit
websolr
combinators
openfeint
sharepoint-timer-job
cracker
nhaml
corporate-policy
graceful-degradation
roguelike

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App