Stack Overflow
Stack Overflow

Questions tagged [claims-based-identity]

Application model for presenting an identity to a claims aware application. This identity contains claim elements, such as email address or username, in a secure package from a trusted source. This model separates the application from the authentication mechanism.

Resources

Wikipedia Entry - Claims-based identity

MSDN Article - Exploring Claims-Based Identity by Kieth Brown

1595 questions
23
votes
5 answers

ASP.NET MVC 2 and authentication using WIF (Windows Identity Foundation)

Are there any decent examples of the following available: Looking through the WIF SDK, there are examples of using WIF in conjunction with ASP.NET using the WSFederationAuthenticationModule (FAM) to redirect to an ASP.NET site thin skin on top of a…
Russ Cam
  • 124,184
  • 33
  • 204
  • 266
23
votes
2 answers

Claims Cookie Security in ASP.Net Identity

The way I understood it from reading all over the net, is that Claims get stored as cookie, now I add User's Roles to the Claims collection and thus it will be saved into the Claims Cookie. Now this is great as it would save me the round tripping…
DevMania
  • 2,311
  • 4
  • 25
  • 43
23
votes
2 answers

authentication and authorizing in ASP.NET MVC 5

Asp.net MVC 5 seems to have left behind using the AuthorizeAttribute class where you could create a custom authorize attribute by implementing the AuthorizeAttribute class, override its methods and hiding the SiteRole property incase you wanted to…
user20358
  • 14,182
  • 36
  • 114
  • 186
22
votes
5 answers

how can I get Identity UserID in the controller right after a successful login result?

I am using Identity v2 and MVC 5 for external login. In my external login callback function, I log the user in with var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent: false); then there is a switch for the result, and I…
A. Burak Erbora
  • 1,054
  • 2
  • 12
  • 26
22
votes
1 answer

Getting custom claim value from bearer token (Web API)

In my ASP.NET Web API project I'm using bearer token authorization and I have added some custom claims to it, like this: var authType = AuthConfig.OAuthOptions.AuthenticationType; var identity = new ClaimsIdentity(authType); identity.AddClaim(new…
Impworks
  • 2,647
  • 3
  • 25
  • 53
22
votes
4 answers

How can I send authorization information back to my client app when using AngularJS, WebAPI 2 and Oauth 2?

I have a AngularJS client application that uses javascript (not coffeescript or typescript) Oauth2 to authenticate against a WebAPI 2 application using the latest Identity 2. All the software in my application is the very latest and is based on this…
Samantha J T Star
  • 30,952
  • 84
  • 245
  • 427
22
votes
4 answers

Custom Identity using MVC5 and OWIN

I trying to add custom properties to the ApplicationUser for a web site using MVC5 and OWIN authentication. I've read https://stackoverflow.com/a/10524305/264607 and I like how it integrates with the base controller for easy access to the new…
BlackICE
  • 8,816
  • 3
  • 53
  • 91
21
votes
0 answers

(WindowsPrincipal vs GenericPrincipal vs ClaimsPrincipal)'s Identity property

TL;DR. I'm writing this up to potentially help someone else's googling in the future as I found no documentation on this particular behaviour, and partly on the hope that someone could confirm (or deny) that this is the correct approach (in summary…
ciaranj
  • 459
  • 3
  • 8
21
votes
3 answers

.NET Claim in three namespaces

Now this is odd. After completing some research on claims based solutions in .NET, found that different authors refer to different classes in .NET namespace when actually speaking on the same matter. Claim class (not to mention other Identity,…
StaMai
  • 121
  • 2
  • 5
20
votes
2 answers

IdentityServer4: Add Custom default Claim to Client Principal for Client_Credential Granttype

I am using IdentityServer4 and I am trying to add a custom default claim to my CLIENT when the token is created. This is possible if i use the implicit flow and IProfileService like shown below. public class MyProfileService : IProfileService { …
flexxxit
  • 2,440
  • 5
  • 42
  • 69
20
votes
4 answers

Understanding Claims

I'm trying to get up to speed with OpenId Connect, OAuth2.0, Security Token Service and Claims. Imagine a scenario with a large website with many areas and different functionality e.g. Customer, Order, Supplier, Delivery, Returns etc. My question is…
David
  • 233
  • 1
  • 2
  • 10
20
votes
2 answers

ASP.NET requirements for ClaimTypes

I'm investigating using claims-based authorization in ASP.NET (MVC Core 1.0). When setting up a ClaimsIdentity, I supply a list of key/value string pairs to represent each Claim. Example: List claims = new List { new…
cbranch
  • 4,709
  • 2
  • 27
  • 25
20
votes
2 answers

Simple claims transformation and caching w/ windows authentication

For the past few days I've been reading about the windows identity foundation and how it's so good and flexible and built right into .net 4.5. Despite going over dozens of apis, blog posts, how-to's etc. I can't for the life of me get a simple…
John
  • 523
  • 3
  • 12
19
votes
4 answers

Can't get claims from JWT token with ASP.NET Core

I'm trying to do a really simple implementation of JWT bearer authentication with ASP.NET Core. I return a response from a controller a bit like this: var identity = new ClaimsIdentity(); identity.AddClaim(new Claim(ClaimTypes.Name,…
user888734
  • 3,797
  • 5
  • 36
  • 67
18
votes
4 answers

Setting Thread.CurrentPrincipal with async/await

Below is a simplified version of where I am trying to set Thread.CurrentPrincipal within an async method to a custom UserPrincipal object but the custom object is getting lost after leaving the await even though it's still on the new threadID 10. Is…
Sean Merron
  • 442
  • 4
  • 15
1 2
3
99 100