
What is the idea behind IIdentity and IPrincipal in .NET

So, what is the purpose of the existence of both IIdentity and IPrincipal, and not some IIdentityMergedWithPrincipal? When is it not enough to implement both in the same class?

Also, to understand the purpose, I'd like to know where this concept comes from:

  • It originated in .NET
  • There is a concept of Identity/Principal as a design pattern, which System.Security.Principal implemented in those interfaces
  • It originated somewhere else and is supported for compatibility

Therefore, does UserPrincipal from System.DirectoryServices act similarly to IPrincipal but not implement it by accident or by intention?

P.S. I'm looking for the reasoning behind the idea, not a benefits/controversies comparison, so please try not to start an opinion-based discussion.

Aloraman asked Nov 24 '14 15:11


People also ask

What are principal and identity objects?

.NET identity objects represent users, while roles represent memberships and security contexts. In .NET, the principal object encapsulates both an identity object and a role. .NET applications grant rights to the principal based on its identity or, more commonly, its role membership.

Which object encapsulates information about the user or entity being validated?

The identity object encapsulates information about the user or entity being validated.

What is ClaimsPrincipal?

A claims principal has a collection of ClaimsIdentity objects that is accessible through the Identities property. Each ClaimsIdentity in the collection contains one or more claims. The Claims property returns all of the claims from all of the claims identities in this collection.


1 Answer

IIdentity is just used for the user's authenticated identity, regardless of what roles they may have.

IPrincipal is used to combine a user's identity with the authorized roles they have in a given security context.

For example, you can use a third-party login provider, like Facebook or Google, to get the user's identity, but you will not get a principal from those providers, as they don't provide any roles. You can use your own application or a third-party role-based authorization provider to apply roles to, say, a FacebookIdentity or GoogleIdentity. A different application can expect a different principal, with its own roles, but still use the same identity as in another application.

Mark Cidade answered Oct 05 '22 21:10
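
The separation described in the answer above, as an added example that is not part of the original answer: one `IIdentity` is wrapped in two different `IPrincipal` objects, one per application, using `GenericIdentity` and `GenericPrincipal` from `System.Security.Principal`. The user name, the "Google" authentication type, the role names and the `ForWikiApp`/`ForBillingApp`/`CanEdit` helpers are constructed for illustration.

```csharp
using System;
using System.Security.Principal;

// Added example: names, roles and helper methods are hypothetical.
public static class IdentityVsPrincipalDemo
{
    // Each application decides on its own which roles an authenticated identity receives.
    static IPrincipal ForWikiApp(IIdentity id) =>
        new GenericPrincipal(id, new[] { "Editor" });

    static IPrincipal ForBillingApp(IIdentity id) =>
        new GenericPrincipal(id, new[] { "Viewer" });

    // Authorization asks the principal about roles, but also confirms that the
    // underlying identity is authenticated: GenericPrincipal attaches roles to
    // any identity it is given and does not check IsAuthenticated itself.
    static bool CanEdit(IPrincipal p) =>
        p.Identity != null && p.Identity.IsAuthenticated && p.IsInRole("Editor");

    public static void Main()
    {
        // One identity, as an external login provider would establish it:
        // who the user is and how they authenticated, with no roles.
        IIdentity alice = new GenericIdentity("alice@example.com", "Google");

        // A GenericIdentity with an empty name reports IsAuthenticated == false.
        IIdentity anonymous = new GenericIdentity("");

        IPrincipal wiki = ForWikiApp(alice);
        IPrincipal billing = ForBillingApp(alice);
        IPrincipal anonEditor = new GenericPrincipal(anonymous, new[] { "Editor" });

        Console.WriteLine($"{alice.Name} via {alice.AuthenticationType}, " +
                          $"authenticated={alice.IsAuthenticated}");
        Console.WriteLine($"same user in both apps: " +
                          $"{wiki.Identity.Name == billing.Identity.Name}");
        Console.WriteLine($"wiki principal can edit: {CanEdit(wiki)}");
        Console.WriteLine($"billing principal can edit: {CanEdit(billing)}");
        Console.WriteLine($"unauthenticated identity with Editor role can edit: " +
                          $"{CanEdit(anonEditor)}");
    }
}
```

The last case is why a role check alone is not a sufficient authorization gate: the roles belong to the principal, while the authentication state belongs to the identity it wraps.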