Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Aug 20, 2012 02:22 PM by BrockAllen
Aug 20, 2012 09:40 AM|LINK
Will see how to correctly use one's custom token validation attribute later as I posted here but I was wondering if someone can give me some advice if I do get it right:
I need to use "something" (that token?) in my controller to figure out who the current user is (since one are not really logging in a user like you do in a normal web applicaiton with FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
Just thought about it, what about roles based security on action method level? uuurgh...i'm lost!
Aug 20, 2012 02:22 PM|LINK
In your WebApi code in the controller you will know who the callingh user is via Thread.CurrentPrincipal -- this is the same as in ASP.NET the User object.