Closed dbarrett84 closed 3 years ago
With the async nature of these libraries, relying on thread specific state is not a good idea. You'd be better off using HttpContext.Current which is more actively managed to flow across threads. Your example already shows that working better.
This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment. If it is closed, feel free to comment when you are able to provide the additional information and we will re-investigate.
See our Issue Management Policies for more information.
Hi,
I have recently upgraded our OWIN packages to version 4.1.1 from 2.1.0.
We have a lot of usages of
Thread.CurrentPrincipal
to check the Identity or Claims. This is set in the OWIN pipeline like so:And when I debug I can see that
user
is valid when setting theCurrentPrincipal
But when access it in an API the
Thread.CurrentPrincipal.Idenity
is empty [see image] and so are the claims, even thoughHttpContext.Current.User
is populated with correct values:The other unusual thing is it only happens when using Basic Authentication.
We're only getting this issue while trying to upgrade to 4.1.1, but I haven't seen anything in the change logs to suggest this should be affected.
Any help would be appreciated