damianh
commented
10 years ago NancyContext.CurrentUser, IUserIdentity, is just not compatible ClaimsPrincipal.
A future version of Nancy, based of .NET 4.5, will possibly adopt ClaimsPrincipal.
Closed adestis-ds closed 10 years ago
damianh
commented
10 years ago NancyContext.CurrentUser, IUserIdentity, is just not compatible ClaimsPrincipal.
A future version of Nancy, based of .NET 4.5, will possibly adopt ClaimsPrincipal.
adestis-ds
commented
10 years ago However, IUserIdentity has a Username and a IsAuthorized property - both could be filled easily (e.g. by creating a DefaultUserIdentity and fill the properties).
damianh
commented
10 years ago The username could potentially be filled but in claims based auth there could be multiple claims involved (NameIdentifier, Issuer, etc). Is Authorized simply won't work as it's based on Nancy's claim types and which are completely incompatible System.Security.Claims.Claim. I (we) looked at this but decided that even if we could half bake it, it would probably confuse people further.
Mono 3.6 just had claims support shipped, so I am expecting Nancy core to adopt ClaimsPrincipal soon and then this package will better integrate. Until then, you are going to have to use the extension methods provided by this package (oh for extension properties)
adestis-ds
commented
10 years ago Well explained - thank you so much! I will wait then for integration of ClaimsPrincipal...
Is there a reason why NancyContext.CurrentUser is not set by MSOwinSecurity? I know I can get the current authenticated user by calling GetMSOwinUser() but Nancys way of exposing user details is not used. I think it would be good to have NancyContext.CurrentUser filled automatically...
Or I am missing something?
Regards
Dirk