ClaimsPrincipal.Current vs. HttpContext.Current.User?
The Identity is the current authenticated user and the principal is the security context that the code is running under.
This article is a good explanation that I found useful http://msdn.microsoft.com/en-us/library/ftx85f8x.aspx .
Related videos on Youtube
03 : 43
21 : 32
04 : 13
10 : 14
09 : 29
05 : 35
Alwyn
Updated on June 04, 2022Comments
-
Alwyn almost 2 years
In MVC what's the difference between these 2?
They look identical, and they even return the same Type/Class
System.Web.Security.RolePrincipalbut there're subtleties.Eg. The following code throws various errors when called against the instance generated via ClaimsPrincipal.Current
cp.FindFirst(ClaimTypes.Name); //{"Unable to connect to SQL Server database."} <--HUH!? cp.Claims; //{"Value cannot be null.\r\nParameter name: username"}The above works when cp is this instead:
var cp = System.Web.HttpContext.Current.UserWhen drilling down to the private members via quick watch I can see that they both has the same Claim dictionary. However for whatever reason the public property blows when called against the object returned by
ClaimsPrincipal.CurrentHelp - why is this!? This is driving me crazy.
=============EDIT==================
It must be almost time to go to bed.
IPrincipal supports multiple identities. It requires some kind of store. IIdentity returns an instance of ClaimsIdentity and does not require the store.
I was simply drilling the wrong properties. The two of them are almost identical in their shape ie. same properties and methods, that I got them confused.