-1

We are trying to mock federated security based authentication in one of our asp.net mvc 4 application.

Actually this web application will finally use federated security authentication, but that authentication service is far from ready and will take sometime before we can test, but we need to give a demo of web app soon. So I thought I can try to mimic/mock federated security based authentication something like having custom principal for setting up httpcontext.current.user object when we go for custom membership/authentication in asp.net. looking similar thing for federated security.

any directions will be great, any article link? just trying to get a base which i can rely upon and start myself to mock/mimic authtication in my app.

I have tried alot but all what i try goes talking about mimic/customizing other mode of authentication like forms/windows etc but for federated with asp.net mvc, i am not getting anything relevant, so forced to seek guidance if any. hope it's not bad question, finger corssed though... :-)

Edit: basically i am looking to know how to write custom claims principal (custom implementation of IClaimsPrincipal Interface) to mimic claims based authentication, where i can access claims data obtained from this in my mvc app, this is needed just until i have my real claims authentication in place, any suggestions plz?

Thanks...

LearningNeverEnds
  • 374
  • 1
  • 3
  • 22
  • 1
    Depends on what do you want to mock; if you want to mock "authenticated user" only, you can just force-set user to http context in Global.asax on authenticate request event. If you want to mock whole authentication process; you'll need some demo identity provider. I did it like this on one project - since our partner company was slow to provide "real" identity provider endpoint I written my own. – Ondrej Svejdar Nov 14 '13 at 13:42
  • request user who down voted question, to at least put a comment justifying that, as i don't see clearly why done that? – LearningNeverEnds Nov 14 '13 at 14:01
  • @Ondrej Svejdar: yes i want to just mock authenticated user as of now, but in a way that for user, isautheticated is set to true post that, not sure how this is done, any idea? also does hardcoding/setting up httpcontext.current.user is any different between forms and federated authentication? – LearningNeverEnds Nov 14 '13 at 14:06

1 Answers1

0

UPDATE: (to dummy ClaimIdentity); assuming you'll be using WIF (assemblies Microsoft.IdentityModel ans System.IdentityModel)

In your Global.asax.cs put:

private class DummyIdentity : IIdentity {
  public string AuthenticationType {
    get { return "Dummy"; }
  }

  public bool IsAuthenticated {
    get { return true; }
  }

  public string Name {
    get { return "DummyUser";  }
  }
}

and

void Application_AuthenticateRequest(object sender, EventArgs e) {
  var collection = new ClaimsIdentityCollection();
  var identity = new ClaimsIdentity(new DummyIdentity());
  identity.Claims.Add(new Claim("EnterpriseID", "Whatever"));
  collection.Add(identity);
  var principal = new ClaimsPrincipal(collection);
  Context.User = principal;
}

This will hardcode authentication of the request by ClaimsPrincipal used by WIF as well.

Ondrej Svejdar
  • 21,349
  • 5
  • 54
  • 89
  • Thanks for the answer and efforts, i really wished if it could have been what i need currently, but it sure fits to other mode of authentication.had already gone through this approach, but it won't fit to the the needs, as i need to mimic federated/claim based authentication, where i have to take out some parameters/values from obtained claim data like enterprise id etc., that only comes from claims principal and won't come if i don't create customize claims principal. this is what i am trying to get to know how to write a custom claims principal, any suggestion on this please – LearningNeverEnds Nov 15 '13 at 07:41