claims-based-identity

I've an ASP.NET Core (based on .NET Framework) using Windows Authentication. Point is, I need to add a role claim on that user and this role is stored in a distant database. I've read so much thing about OWIN/Cookie/UserManager/UserStore/Identity and so on that I'm lost. Question : How do I add a role claim for current user logged in (windows) for the whole application in the easiest way? What I need is to easily use [Authorize(Role= "MyAddedRole")] or bool res = User.IsInRole("MyAddedRole") Thanks Answering myself, so what I did : Create my own UserClaimStore (I only need this store, not the

I trying to add custom properties to the ApplicationUser for a web site using MVC5 and OWIN authentication. I've read https://stackoverflow.com/a/10524305/264607 and I like how it integrates with the base controller for easy access to the new properties. My issue is that when I set the HTTPContext.Current.User property to my new IPrincipal I get a null reference error: [NullReferenceException: Object reference not set to an instance of an object.] System.Web.Security.UrlAuthorizationModule.OnEnter(Object source, EventArgs eventArgs) +127 System.Web.SyncEventExecutionStep.System.Web

Creating the simplest project (In visual studio 2013 -> asp.net web application -> MVC authentication with individual accounts), it works perfectly on localhost. However, when sending to the server (medium trust level), the project does not work when I try to enter login. See the error image: http://s18.postimg.org/fm2qw8gzt/print.png I tried to include on assembly.cs [assembly: AllowPartiallyTrustedCallers]. It did not work. I have created a strong name key. It did not work. The server does not support level = full trust. Do not believe there need to be full, because few asp.net mvc 5 sites

I have an .net core 2.2 api which generates (on a successful login) a JWT token which contains a claims identity that passes along information such as the username, permissions and roles of the authenticated user. In my .net core 2.2. web app I have a login mechanism which retrieves the JWT token via the user of a controller. My question is. How can I expand the token from within my login controller and set up my web app to include the use of the authentication mechanisms like User.Identity.IsAuthenticated , User.IsInRole("Admin") and controller actions like [Authorize] and [Authorize(Roles=

I'm just getting started with claims-based security and have a question related to identity delegation. I've managed to set up a local dummy STS and a couple of WCF services that relies on it for authentication. A web application authenticates the user via the STS and makes a call to Service A on behalf of the user (using ChannelFactory.CreateChannelActingAs ). This works fine. Now I would like to use Azure Access Control Service (ACS) as a federation provider and sign in using a Google account (or whatever) instead, getting rid of the dummy STS altogether. I'm able to authenticate to the web

When using sliding sessions in WIF with the session authentication module (SAM) and Thinktecture IdentityModel as described in brockallen's blog . The session security token issued and written to the cookie has it's "valid to" extended as required and the cookie is set accordingly. But, the BootStrapToken serialized to the current claims Identity remains the old one, with the potentially expired token. This causes problems when trying to use the bootstrap context token for different reasons (among them could be Implementing “Poor Man”’s Delegation ) . What is the best way to update the

I use the following code to update the claims of a user in my web application. However, to update the claims/cookie of this user, I want to force him to login again. So essentially I want to expire his cookie after I update the claims. Any idea how to do this? await _signInManager.RefreshSignInAsync(user); is the first thing I tried, but fails because I'm updating the claims of another user (the one that is currently logged in) :) All other examples I found are more or less the same as RefreshSignInAsync and do not deal with the fact that I'm updating the claims of another user. public async