I was playing around with new stuff in 4.5 and wrote a simple console application that is supposed to check a few things in new claims based security model. I've created custom implementations of ClaimsAuthorizationManager and ClaimsAuthenticationManager, added them to application config file, set AppDomain principal policy to windows principal, and almost everyghing works well except AuthenticationManager.Authenticate method being called.
AuthorizationManager.CheckAccess is being called as expected.
I guess that this is right behaviour as when running console app the user is already authenticated and there is no need to do it on app startup. However I would like to transform some claims based on - let us say profile stored in database. Of course I can do it manually and deal with the CurrentPrinciapal object on my own. However I was wondering if there is a way to force app to use AuthManager to do it for me.
Just being curious :)
So, here are two managers. They basically do nothing, exist just for setting break point :)
public class AuthorizationManager : ClaimsAuthorizationManager
{
public override bool CheckAccess(AuthorizationContext context)
{
return base.CheckAccess(context);
}
}
public class Authenticationmanager : ClaimsAuthenticationManager
{
public override ClaimsPrincipal Authenticate(string resourceName, ClaimsPrincipal incomingPrincipal)
{
return base.Authenticate(resourceName, incomingPrincipal);
}
}
App.config looks like this:
<configuration>
<configSections>
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.identityModel>
<identityConfiguration>
<claimsAuthenticationManager type="ClaimsSandbox.Authenticationmanager, ClaimsSandbox"/>
<claimsAuthorizationManager type="ClaimsSandbox.AuthorizationManager, ClaimsSandbox"/>
</identityConfiguration>
</system.identityModel>
</configuration>
And the code that does nothing special:
class Program
{
static void Main(string[] args)
{
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
var principal = Thread.CurrentPrincipal;
DescribeMe(principal);
ClaimsPrincipalPermission.CheckAccess("foo ", "bar");
Console.ReadLine();
}
private static void DescribeMe(System.Security.Principal.IPrincipal principal)
{
Console.WriteLine(principal);
var claimsPrincipal = principal as ClaimsPrincipal;
claimsPrincipal.IsInRole("Foo");
Console.WriteLine(claimsPrincipal.Identity.IsAuthenticated);
}
}