asp.net-mvc


ASP.NET MVC - Custom IIdentity or IPrincipal with Windows Authentication


I am working on an intranet site with Windows Authentication for logins. However, I want to extend the IPrincipal to have other properties. For instance, I'd like to get the user's FirstName in #User.FirstName or User.AuthorizedActivity("Admin/Permissions/Edit") (would retrieve from db) using activities instead of roles to hide certain links, etc. I am really having a heck of a time figuring this out over the past 2 days and find much information doing this with Windows Authentication.
My CustomPrincipal and BaseViewPage setup:
namespace Intranet_v2.Helpers
{
public interface ICustomPrincipal : IPrincipal
{
Guid UserGuid { get; set; }
string FirstName { get; set; }
string LastName { get; set; }
string FullName { get; set; }
}
public class CustomPrincipal : ICustomPrincipal
{
public IIdentity Identity { get; private set; }
public bool IsInRole(string role) { return false; }
public CustomPrincipal(string identity)
{
this.Identity = new GenericIdentity(identity);
}
public Guid UserGuid { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
public string FullName { get; set; }
}
public class CustomPrincipalSerializeModel
{
public Guid UserGuid { get; set; }
public string FirstName { get; set; }
public string LastName { get; set; }
public string FullName { get; set; }
}
public class BaseController : Controller
{
protected virtual new CustomPrincipal User
{
get { return HttpContext.User as CustomPrincipal; }
}
}
public abstract class BaseViewPage : WebViewPage
{
public virtual new CustomPrincipal User
{
get { return base.User as CustomPrincipal; }
}
}
public abstract class BaseViewPage<TModel> : WebViewPage<TModel>
{
public virtual new CustomPrincipal User
{
get { return base.User as CustomPrincipal; }
}
}
}
Views Web.Config BaseViewPage:
<system.web.webPages.razor>
<host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<pages pageBaseType="Intranet_v2.Helpers.BaseViewPage">
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Optimization"/>
<add namespace="System.Web.Routing" />
<add namespace="Intranet_v2" />
</namespaces>
</pages>
I think my main problem is I have no idea what to do in the protected void Application_PostAuthenticateRequest(object sender, EventArgs args) for my Global.asax.cs file. I have a poor attempt at setting it up here:
protected void Application_PostAuthenticateRequest(object sender, EventArgs args)
{
//var application = (HttpApplication)sender;
var context = application.Context;
if (context.User != null || !context.User.Identity.IsAuthenticated) return;
var formsIdentity = (FormsIdentity)context.User.Identity;
if (formsIdentity == null) return;
var ticket = formsIdentity.Ticket;
JavaScriptSerializer serializer = new JavaScriptSerializer();
CustomPrincipalSerializeModel serializeModel = serializer.Deserialize<CustomPrincipalSerializeModel>(ticket.UserData);
CustomPrincipal newUser = new CustomPrincipal(ticket.Name);
newUser.UserGuid = serializeModel.UserGuid;
newUser.FirstName = serializeModel.FirstName;
newUser.LastName = serializeModel.LastName;
newUser.FullName = serializeModel.FullName;
var values = ticket.UserData.Split('|');
var roles = values[1].Split(',');
context.User = new GenericPrincipal(new GenericIdentity(ticket.Name, "Forms"), roles);
}
Now I'm at the point where #User.Name is now null. I'm in way over my head on this. Any help is appreciated. My protected void Application_PostAuthenticateRequest(object sender, EventArgs args) is completely out of wack.
All I want to do is rely on Windows Authentication to do what it does normally and add a few extra properties to the HttpContext.Current.User. Any help is appreciated... I can't be the only one trying to do this.
What I normally do is just request the additional user information later. For instance, using an Extension method like:
public static class PrincipalExtensions
{
private static void Initialize(string userName)
{
var userRecord = //Get user information from DB;
var session = HttpContext.Current.Session;
if (session != null)
{
session.Add("UserID", userRecord.ID);
session.Add("UserEmail", userRecord.Email);
//And so on
}
}
public static long? GetUserID(this IPrincipal user)
{
var id = HttpContext.Current.Session["UserID"] as long?;
if (id == null)
Initialize();
return (long)HttpContext.Current.Session["UserID"];
}
}
This is roughly what I implement in some of my projects; rather than tapping into the login process and store it in the cookie, the system can lazy load the information and cache in session when the information is needed.

Related Links

posting data from partial view on main view then submitting to controller
Does azure prevent that role instances are recycled at the same time?
Attribute Routing with RoutingParameter
Unable to find a version of 'RazorEngine' that is compatible with 'Microsoft.AspNet.Razor 3.2.2'
Activation link web api using angular.js
MVC HtmlHelper BeginForm rendering differently with parameters
Is there an obvious entry point to Orchard CMS view rendering functionality that would allow me to use Orchard to render views conditionally?
MVC 5 - An item with the same key has already been added
if with start elements broken in MVC5?
How do I implement paging on a route with other parameters?
Scheduled Task for ASP.NET MVC
MVC Many to many search
Asp.Net MVC, return 3 generated images at the same time
How to change Connection in Entity Framework using Auto Fac Instance as per request ?
Different default page in MVC if authenticated
How to pass an IP address as a URL parameter to a Web API? [duplicate]

Categories

HOME
math
jsp
google-apis-explorer
gwt
outlook
amazon-kinesis
turing
normalization
android-sms
visual-studio-2012
format
clion
doorkeeper
aar
accumulo
raspberry-pi2
countdown
org-mode
abaqus
lexikjwtauthbundle
gyroscope
collision
deadbolt
nested-set-model
amazon-cloudfront
csom
urlrewriter.net
confidence-interval
unsigned-integer
iar
editorconfig
google-geocoder
opensuse
pymysql
breakpoint-sass
pyparsing
imagemapster
sieve-of-eratosthenes
executorservice
data-science
signing
jsonstore
ibm-wcm
mindstorms
nomenclature
pac
qmake
integer-programming
distributed-lock
ase
pci
openwebanalytics
federation
multisite
ternary
view-source
waf
masspay
vs-2015-preview
atmosphere.js
amazon-dynamodb-streams
hyperterm
enhanced-ecommerce
selenium2library
isapi-rewrite
scrutinizer
gcloud-java
pakyow
asp.net-authorization
sqlj
linqtocsv
sejda
xirr
database-tuning-advisor
tun
mtp
centering
mks
excel-charts
spiceworks
gdk
aps
bson
validform
tlb
onejar
glulookat
asp.net-authentication
route-me
virtual-earth
hudson-plugins
ariatemplates
noindex
azure-role-environment
jquery-pagination
staging
nscollectionviewitem
remote-control
database-dump
sqlprofileprovider

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App