I have been working on a asp.net application which uses windows azure tables as data storage for users information.I have a class which does the insertion and creation of tables and handles other stuff. When I see that a user is already present I want to issue a authentication token using something like
FormsAuthentication.SetAuthCookie(user,true)
and I also want to add the user's claims that I got from the windows azure table storage so I can read them later using something like
ClaimsPrincipal claimsPrincipal = Page.User as ClaimsPrincipal;
Can someone please suggest me how to achieve this? I finished the other parts of this custom app but not very clear how to make this part work.
Thanks
The claims-based authorization works by checking if the user has a claim to access an URL. In ASP.NET Core we create policies to implement the Claims-Based Authorization. The policy defines what claims that user must process to satisfy the policy. We apply the policy on the Controller, action method, razor page, etc.
Form authentication is cookie based, as ASP.NET places a cookie in the client machine in order to track the user. If the user requests a secure page and has not logged in, then ASP.NET redirects him/her to the login page. Once the user is authenticated, he/she will be allowed to access the requested page.
You can use the Forms Authentication setting, displayed under the Security > Authenticated Access section of the Internet Information Services view for a website, to set forms authentication on web applications. Set the Forms Authentication option to Yes to enable forms authentication.
This is almost as simple, with the help of the SessionAuthenticationModule.
SessionAuthenticationModule sam =
(SessionAuthenticationModule)
this.Context.ApplicationInstance.Modules["SessionAuthenticationModule"];
IClaimsPrincipal principal =
new ClaimsPrincipal( new GenericPrincipal( new GenericIdentity( txtUserName.Text ), null ) );
// create any userdata you want. by creating custom types of claims you can have
// an arbitrary number of your own types of custom data
principal.Identities[0].Claims.Add( new Claim( ClaimTypes.Email, "[email protected]" ) );
principal.Identities[0].Claims.Add( new Claim( ClaimTypes.UserData, ReallyLongUserData ) );
var token =
sam.CreateSessionSecurityToken(
principal, null, DateTime.Now, DateTime.Now.AddMinutes( 20 ), false );
sam.WriteSessionTokenToCookie( token );
Response.Redirect( this.Context.Request.QueryString["ReturnUrl"] );
Full article that also includes web.config
entries:
http://www.wiktorzychla.com/2012/09/forms-authentication-revisited.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With