-
Notifications
You must be signed in to change notification settings - Fork 0
Authentication and Authorization Sharing
Michael Ketting edited this page Feb 1, 2023
·
1 revision
Sharing authentication/authorization requires sharing the IPrincipal object between legacy ASP.NET and ASP.NET Core. The User property exposes the principal on the HttpContext. This works exacatly the same in legacy ASP.NET and ASP.NET Core, with the difference that ASP.NET Core uses a ClaimsPrincipal.
The built-in authentication providers (e.g. WindowsPrincipal, GenericPrincipal) already inherit from ClaimsPrincipal. To share the principal between legacy ASP.NET and ASP.NET Core, the principal might need to be converted to a ClaimsPrincipal. This is done using an internal wrapper.
The following modes are available for sharing authentication/authorization:
-
Isolated(default): legacy ASP.NET and ASP.NET Core authentication are separate. Both need to provide authentication modules/middleware if needed. -
Shared: legacy ASP.NET and ASP.NET Core share the context's principal. ASP.NET Core'sUserproperty will also be used in legacy ASP.NET. If the defined value inherits fromClaimsIdentityit will be used as is, otherwise the value will be wrapped to be usable in ASP.NET Core, but legacy ASP.NET will still use the unwrapped principal. -
SharedReadOnly: LikeShared, but theUserproperty cannot be set from legacy ASP.NET.
Configure the sharing mode when adding the LegacyAspNet during startup:
var builder = WebApplication.CreateBuilder();
builder.Services.AddLegacyAspNet (b => { b.AuthenticationSharing = AspNetAuthenticationSharing.Shared; });