|
Been testing using custom Principles with WCF backends and found that it just does not work.
I can get the customPrinciple created by overriding the ClaimsAuthenticationManager but the principle is never set on the thread. Fromreading the developer white paper it is strongly suggested that this use case should work - i.e. the same model should work in ASP.NET apps and WCF services. And if you are using Claims, then your app most likely has comples security requirements, so customPrincipals are highly likely to be used.
My testing so far has shown that the Microsoft.IdentityModel.Web.ClaimsPrincipalHttpModule has to be present and the service hit using a http request to get the ClaimsAuthenticationManager used, but then when called using WCF (wsHttpBinding), the Thread principle is never set.
So far I see 2 issues for the WCF service case.
1. Never uses the custom ClaimsAuthenticationManager, unless the incomming soap/http request goes through the ASP.NET HTTPpipeline.
2. The CustomPrinciple is never set on the thread - always ends up being aWindowsClaimsPrincipal.
I just started my testing from the creating a simple site from the New Web site/Claims aware web site (and tried the same for ClaimsAware service).
Myles.
| 
index > Claims based access platform (CBA), code-named Geneva > Custom ClaimsAuthenticationManager and web services - Thread.CurrentPrincipal not set - fails in Beta 2 or just not implemeted?