I'm trying to replace my current forms authentication with claimsbased authentication. However what is the recommended approach to do this. I can set the current principle like this.
If System.Web.Security.Membership.ValidateUser(userName, PasswordTextBox.Text) Then
Dim principal As New ClaimsPrincipal(New ClaimsIdentity(New List(Of Claim) From {New Claim(ClaimTypes.Name, userName)}, "Forms"))
FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager.Authenticate(String.Empty, principal)
Response.Redirect(Me.ReturnUrl)
Else
FailureLabel.Text = "Login attempt failed"
End If
This is working just fine, but I also read some examples where de principal is checked on every request (in global.asax or as module) on Post_AuthenticateRequest, like this:
Public Sub Init(context As HttpApplication) Implements IHttpModule.Init
AddHandler context.PostAuthenticateRequest, AddressOf PostAuthenticateRequest
End Sub
Private Sub PostAuthenticateRequest(sender As Object, e As EventArgs)
Dim context = DirectCast(sender, HttpApplication).Context
If FederatedAuthentication.SessionAuthenticationModule IsNot Nothing AndAlso FederatedAuthentication.SessionAuthenticationModule.ContainsSessionTokenCookie(context.Request.Cookies) Then
Return
End If
Dim authenticationManager = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager
If authenticationManager IsNot Nothing Then
Dim transformedPrincipal = authenticationManager.Authenticate(context.Request.RawUrl, TryCast(context.User, ClaimsPrincipal))
context.User = transformedPrincipal
Thread.CurrentPrincipal = transformedPrincipal
End If
End Sub
zwartmark
Member
351 Points
64 Posts
Replace forms authentication with claims based authentication
Jan 27, 2013 08:21 PM|LINK
I'm trying to replace my current forms authentication with claimsbased authentication. However what is the recommended approach to do this. I can set the current principle like this.
If System.Web.Security.Membership.ValidateUser(userName, PasswordTextBox.Text) Then Dim principal As New ClaimsPrincipal(New ClaimsIdentity(New List(Of Claim) From {New Claim(ClaimTypes.Name, userName)}, "Forms")) FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager.Authenticate(String.Empty, principal) Response.Redirect(Me.ReturnUrl) Else FailureLabel.Text = "Login attempt failed" End IfThis is working just fine, but I also read some examples where de principal is checked on every request (in global.asax or as module) on Post_AuthenticateRequest, like this:
Public Sub Init(context As HttpApplication) Implements IHttpModule.Init AddHandler context.PostAuthenticateRequest, AddressOf PostAuthenticateRequest End Sub Private Sub PostAuthenticateRequest(sender As Object, e As EventArgs) Dim context = DirectCast(sender, HttpApplication).Context If FederatedAuthentication.SessionAuthenticationModule IsNot Nothing AndAlso FederatedAuthentication.SessionAuthenticationModule.ContainsSessionTokenCookie(context.Request.Cookies) Then Return End If Dim authenticationManager = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager If authenticationManager IsNot Nothing Then Dim transformedPrincipal = authenticationManager.Authenticate(context.Request.RawUrl, TryCast(context.User, ClaimsPrincipal)) context.User = transformedPrincipal Thread.CurrentPrincipal = transformedPrincipal End If End SubWhat is the recommend approach?
BrockAllen
All-Star
27554 Points
4912 Posts
MVP
Re: Replace forms authentication with claims based authentication
Jan 27, 2013 08:55 PM|LINK
Just posted on this yesterday:
http://brockallen.com/2013/01/26/replacing-forms-authentication-with-wifs-session-authentication-module-sam-to-enable-claims-aware-identity/
DevelopMentor | http://www.develop.com
thinktecture | http://www.thinktecture.com/
zwartmark
Member
351 Points
64 Posts
Re: Replace forms authentication with claims based authentication
Jan 28, 2013 08:07 AM|LINK
Thanks, I forget about the PostAuthenticate for now