Re: Setting Principal for HttpWorkerRequest

• Previous message: Jeff: "Re: Error"
• In reply to: Bassel Tabbara [MSFT]: "Re: Setting Principal for HttpWorkerRequest"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: basselt@online.microsoft.com ("Bassel Tabbara [MSFT]")
Date: Tue, 22 Apr 2003 21:40:24 GMT

Hello Frank,
I am sorry for the last post.
I am including below the right answer:

Basically, Context.User is what ASP.Net uses. The HttpContext.User property
provides programmatic access to the properties and methods of the
IPrincipal interface. Because ASP.NET pages contain a default reference to
the System.Web namespace (which contains the HttpContext class), you can
reference the members of HttpContext on an .aspx page without the fully
qualified class reference to HttpContext. For example, you can use just
User.Identity.Name to get the name of the user on whose behalf the current
process is running. It will return the authenticated user.

System.Threading.Thread.CurrentPrincipal is used as a local storage of the
thread. It Gets or sets the thread's current principal (for role-based
security).
Without impersonation, this identity will be empty. Only in ASP.Net, it
will be equal to Context.User. In normal windows apps this will return null
value.
You have to set it in your application, for example in a thread pool you
will set the currentPrincipal to an identity for a particular thread.

I hope this helps.

Thanks,
Bassel Tabbara
Microsoft, ASP.NET

This posting is provided "AS IS", with no warranties, and confers no rights.

--------------------
| X-Tomcat-ID: 537613050
| References: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
<mVCoQMF6CHA.2496@cpmsftngxa06> <#9yRSRb6CHA.1624@TK2MSFTNGP11.phx.gbl>
<APaZd1o6CHA.1864@cpmsftngxa06> <f6wLllm8CHA.1864@cpmsftngxa06>
<Obu#co$$CHA.2368@TK2MSFTNGP10.phx.gbl>
<QFZzQdfBDHA.2556@cpmsftngxa06.phx.gbl>
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
| From: basselt@online.microsoft.com ("Bassel Tabbara [MSFT]")
| Organization: Microsoft
| Date: Mon, 21 Apr 2003 23:57:50 GMT
| Subject: Re: Setting Principal for HttpWorkerRequest
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| Message-ID: <vLrzWHGCDHA.1636@cpmsftngxa06.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Lines: 305
| Path: cpmsftngxa06.phx.gbl
| Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:4881
| NNTP-Posting-Host: TOMCATIMPORT2 10.201.218.182
|
| Hello Frank,
| You need to create a HTTPModule that will handle the authentication
there.
| HTTP modules and HTTP handlers are an integral part of the ASP.NET
| architecture. While a request is being processed, each request is
processed
| by multiple HTTP modules (for example, the authentication module and the
| session module) and is then processed by a single HTTP handler. After the
| handler has processed the request, the request flows back through the
HTTP
| modules.
|
| Modules are called before and after the handler executes. Modules enable
| developers to intercept, participate in, or modify each individual
request.
| Modules implement the IHttpModule interface, which is located in the
| System.Web namespace.
| An HttpApplication class provides a number of events with which modules
can
| synchronize. The following events are available for modules to
synchronize
| with on each request. These events are listed in sequential order:
|
| - BeginRequest.
| - AuthenticateRequest
| - AuthorizeRequest
| - ResolveRequestCache
| - AcquireRequestState
| - PreRequestHandlerExecute
| - PostRequestHandlerExecute
| - ReleaseRequestState
| - UpdateRequestCache
| - EndRequest
|
| The following events are available for modules to synchronize with for
each
| request transmission. The order of these events is non-deterministic.
|
| - PreSendRequestHeaders
| - PreSendRequestContent
| - Error
|
| For more information refer to the following Kb articles:
|
| 307996 HOW TO: Create an ASP.NET HTTP Module Using Visual C# .NET
| http://support.microsoft.com/?id=307996
|
| 308000 HOW TO: Create an ASP.NET HTTP Module Using Visual Basic .NET
| http://support.microsoft.com/?id=308000
|
|
|
| Thanks,
| Bassel Tabbara
| Microsoft, ASP.NET
|
| This posting is provided "AS IS", with no warranties, and confers no
rights.
|
|
|
| --------------------
| | X-Tomcat-ID: 470110967
| | References: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
| <mVCoQMF6CHA.2496@cpmsftngxa06> <#9yRSRb6CHA.1624@TK2MSFTNGP11.phx.gbl>
| <APaZd1o6CHA.1864@cpmsftngxa06> <f6wLllm8CHA.1864@cpmsftngxa06>
| <Obu#co$$CHA.2368@TK2MSFTNGP10.phx.gbl>
| | MIME-Version: 1.0
| | Content-Type: text/plain
| | Content-Transfer-Encoding: 7bit
| | From: michmo@online.microsoft.com ("Mike Moore [MS]")
| | Organization: Microsoft
| | Date: Fri, 18 Apr 2003 22:10:21 GMT
| | Subject: Re: Setting Principal for HttpWorkerRequest
| | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| | Message-ID: <QFZzQdfBDHA.2556@cpmsftngxa06.phx.gbl>
| | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| | Lines: 224
| | Path: cpmsftngxa06.phx.gbl
| | Xref: cpmsftngxa06.phx.gbl
| microsoft.public.dotnet.framework.aspnet.security:4866
| | NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122
| |
| | Hi Frank,
| |
| | I apologize for the delay in answering you. I've been on vacation and
| will
| | investigate this further on Monday.
| |
| | Thank you, Mike Moore
| | Microsoft, ASP.NET
| |
| | This posting is provided "AS IS", with no warranties, and confers no
| rights.
| |
| | --------------------
| | | >From: "Frank" <msdndev@bourier.de>
| | | >References: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
| | <mVCoQMF6CHA.2496@cpmsftngxa06> <#9yRSRb6CHA.1624@TK2MSFTNGP11.phx.gbl>
| | <APaZd1o6CHA.1864@cpmsftngxa06> <f6wLllm8CHA.1864@cpmsftngxa06>
| | | >Subject: Re: Setting Principal for HttpWorkerRequest
| | | >Date: Fri, 11 Apr 2003 09:16:19 +0200
| | | >Lines: 208
| | | >X-Priority: 3
| | | >X-MSMail-Priority: Normal
| | | >X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
| | | >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
| | | >Message-ID: <Obu#co$$CHA.2368@TK2MSFTNGP10.phx.gbl>
| | | >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| | | >NNTP-Posting-Host: pd9e6a4c0.dip0.t-ipconnect.de 217.230.164.192
| | | >Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
| | | >Xref: cpmsftngxa06.phx.gbl
| | microsoft.public.dotnet.framework.aspnet.security:4770
| | | >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| | | >
| | | >Hallo,
| | | >
| | | >why is the call(different Principals)
| | | >
| | | >System.Threading.Thread.CurrentPrincipal
| | | >
| | | >different from the call
| | | >Context.User
| | | >
| | | >I would like to use PrincipalPermission and User.IsinRole in a normal
| | | >WebService Method. For that reason i have to set the
| | | >Thread.CurrentPrincipal, but the User has another Principal, so i
have
| | set
| | | >the user Context.User with the new GenericUser, too. Why?
| | | >
| | | >Frank
| | | >--
| | | >---------------------------
| | | >To send an eMail remove NOSPAM
| | | >"Mike Moore [MSFT]" <michmo@online.microsoft.com> schrieb im
| Newsbeitrag
| | | >news:f6wLllm8CHA.1864@cpmsftngxa06...
| | | >> Hi,
| | | >>
| | | >> With off-line communication, we found this solution for Steve:
| | | >>
| | | >> 1)
| | | >> Dim g As New System.Security.Principal.GenericIdentity(...)
| | | >> HttpContext.Current.User = g
| | | >>
| | | >> 2)
| | | >> Place the above in an HTTPModule so that it affects the entire
| | | >application.
| | | >> For information on writing modules:
| | | >> 308000 HOW TO: Create an ASP.NET HTTP Module Using Visual Basic
.NET
| | | >> http://support.microsoft.com/?id=308000
| | | >>
| | | >> Thank you, Mike Moore
| | | >> Microsoft, ASP.NET
| | | >>
| | | >> This posting is provided "AS IS", with no warranties, and confers
no
| | | >rights.
| | | >>
| | | >> --------------------
| | | >> | >X-Tomcat-ID: 20009685
| | | >> | >References: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
| | | >> <mVCoQMF6CHA.2496@cpmsftngxa06>
| <#9yRSRb6CHA.1624@TK2MSFTNGP11.phx.gbl>
| | | >> | >MIME-Version: 1.0
| | | >> | >Content-Type: text/plain
| | | >> | >Content-Transfer-Encoding: 7bit
| | | >> | >From: michmo@online.microsoft.com ("Mike Moore [MSFT]")
| | | >> | >Organization: Microsoft
| | | >> | >Date: Sat, 15 Mar 2003 00:54:23 GMT
| | | >> | >Subject: Re: Setting Principal for HttpWorkerRequest
| | | >> | >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| | | >> | >Message-ID: <APaZd1o6CHA.1864@cpmsftngxa06>
| | | >> | >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| | | >> | >Lines: 109
| | | >> | >NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122
| | | >> | >Path: cpmsftngxa08.phx.gbl!cpmsftngxa06
| | | >> | >Xref: cpmsftngxa08.phx.gbl
| | | >> microsoft.public.dotnet.framework.aspnet.security:4397
| | | >> | >
| | | >> | >Hi Stephen,
| | | >> | >
| | | >> | >I'd like to put you in touch with one of my coworkers. Can you
| | contact
| | | >> me
| | | >> | >directly? Remove "online." from my no spam alias:
| | | >> | >michmo@online.microsoft.com.
| | | >> | >
| | | >> | >For other readers, we will post the results after we finish our
| | | >> discussion.
| | | >> | >
| | | >> | >Thank you, Mike Moore
| | | >> | >Microsoft, ASP.NET
| | | >> | >
| | | >> | >This posting is provided "AS IS", with no warranties, and
confers
| no
| | | >> rights.
| | | >> | >
| | | >> | >--------------------
| | | >> | >>From: "Stephen Walch" <swalch@proposion.com>
| | | >> | >>References: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
| | | >> | ><mVCoQMF6CHA.2496@cpmsftngxa06>
| | | >> | >>Subject: Re: Setting Principal for HttpWorkerRequest
| | | >> | >>Date: Thu, 13 Mar 2003 18:00:26 -0500
| | | >> | >>Lines: 86
| | | >> | >>X-Priority: 3
| | | >> | >>X-MSMail-Priority: Normal
| | | >> | >>X-Newsreader: Microsoft Outlook Express 5.50.4807.1700
| | | >> | >>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| | | >> | >>Message-ID: <#9yRSRb6CHA.1624@TK2MSFTNGP11.phx.gbl>
| | | >> | >>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| | | >> | >>NNTP-Posting-Host: 65.205.13.190
| | | >> | >>Path: cpmsftngxa06!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11.phx.gbl
| | | >> | >>Xref: cpmsftngxa06
| | | >> microsoft.public.dotnet.framework.aspnet.security:4343
| | | >> | >>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| | | >> | >>
| | | >> | >>Thank you, but this thread does not have anything to do with
| | setting
| | | >the
| | | >> | >>Identity/Principal for a request. Maybe I should explain what
I
| | want
| | | >a
| | | >> | >>little better:
| | | >> | >>
| | | >> | >>I am implementing my own server that will authenticate users
| using
| | | >> | >>out-of-band methods (like IIS does in the case of Windows
| | | >> authentication).
| | | >> | >>I am implementing an HttpWorkerRequest and asking HttpRuntime
to
| | | >> process
| | | >> | >the
| | | >> | >>request. I expect existing ASP.NET applications to work
without
| | | >> changes,
| | | >> | >>but if those applications happen to examine
| | | >> | >>HttpContext.Current.User.Identity or HttpContext.Principal,
they
| | | >should
| | | >> see
| | | >> | >>the credentials that my code set in advance.
| | | >> | >>
| | | >> | >>Thanks,
| | | >> | >>
| | | >> | >>Steve
| | | >> | >>
| | | >> | >>""Mike Moore [MSFT]"" <michmo@online.microsoft.com> wrote in
| | message
| | | >> | >>news:mVCoQMF6CHA.2496@cpmsftngxa06...
| | | >> | >>> Hi Stephen,
| | | >> | >>>
| | | >> | >>> I found some sample code by searching Google on the words:
| | | >> | >>> HttpWorkerRequest ProcessRequest
| | | >> | >>>
| | | >> | >>> It's a thread (conversation) from 7/25/2002 with subject:
| | | >> | >>ApplicationHost
| | | >> | >>> gives a NullReferenceException when processing ...
| | | >> | >>>
| | | >> | >>> Here's a link to the thread (please pardon the line breaks):
| | | >> | >>>
| | | >> | >>> http://groups.google.com/groups?
| | | >> | >>> q=group:microsoft.public.dotnet.framework+insubject:
| | | >> | >>> NullReferenceException&hl=en&lr=&ie=UTF-8&oe=
| | | >> | >>> UTF-8&as_drrb=b&as_mind=12&as_minm=5&as_miny
| | | >> | >>> =2002&as_maxd=11&as_maxm=3&as_maxy=2003&
| | | >> | >>> selm=18ab78a0.0207250430.3f2a29ff%40posting.
| | | >> | >>> google.com&rnum=1
| | | >> | >>>
| | | >> | >>> Thank you, Mike Moore
| | | >> | >>> Microsoft, ASP.NET
| | | >> | >>>
| | | >> | >>> This posting is provided "AS IS", with no warranties, and
| | confers no
| | | >> | >>rights.
| | | >> | >>>
| | | >> | >>>
| | | >> | >>> --------------------
| | | >> | >>> >From: "Stephen Walch" <swalch@proposion.com>
| | | >> | >>> >Subject: Setting Principal for HttpWorkerRequest
| | | >> | >>> >Date: Thu, 6 Mar 2003 15:35:14 -0500
| | | >> | >>> >Lines: 15
| | | >> | >>> >X-Priority: 3
| | | >> | >>> >X-MSMail-Priority: Normal
| | | >> | >>> >X-Newsreader: Microsoft Outlook Express 5.50.4807.1700
| | | >> | >>> >X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| | | >> | >>> >Message-ID: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
| | | >> | >>> >Newsgroups:
microsoft.public.dotnet.framework.aspnet.security
| | | >> | >>> >NNTP-Posting-Host: ma-amesbury2b-224.mrrmnh.adelphia.net
| | | >24.53.5.224
| | | >> | >>> >Path:
| | | >> | >>>
| | | >> |
| | | >>
| | |
| |
|
>>>cpmsftngxa08.phx.gbl!cpmsftngxa06!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.g
| | b
| | | >> l
| | | >> | >>> >Xref: cpmsftngxa08.phx.gbl
| | | >> | >>> microsoft.public.dotnet.framework.aspnet.security:4236
| | | >> | >>> >X-Tomcat-NG:
microsoft.public.dotnet.framework.aspnet.security
| | | >> | >>> >
| | | >> | >>> >I am implementing an ASP.NET server (similar to Cassini)
and
| am
| | | >> trying
| | | >> | >to
| | | >> | >>> >think through how I would go about adding my own
| authentication
| | to
| | | >> | >(based
| | | >> | >>> on
| | | >> | >>> >information I am able to extract from the raw HTTP
request).
| It
| | | >> looks
| | | >> | >>like
| | | >> | >>> >my ultimate goal is to set HTTPContext.Principal with a
| | principal
| | | >> that
| | | >> | >>> >contains the appropriate identity, roles, etc.
| | | >> | >>> >
| | | >> | >>> >So if I have created an HttpWorkerRequest and am about to
call
| | | >> | >>> >HttpRuntime.ProcessRequest, what else do I need to do? I
see
| | that
| | | >> the
| | | >> | >>> >HTTPContext takes HttpWorkerRequest in its constructor, so
I
| | deduce
| | | >> that
| | | >> | >>> the
| | | >> | >>> >Principal is somehow created from the HttpWorkerRequest,
but I
| | | >can't
| | | >> | >>figure
| | | >> | >>> >out how.
| | | >> | >>> >
| | | >> | >>> >Any guidelines would be much appreciated. Thanks!
| | | >> | >>> >
| | | >> | >>> >
| | | >> | >>> >
| | | >> | >>>
| | | >> | >>
| | | >> | >>
| | | >> | >>
| | | >> | >
| | | >> | >
| | | >>
| | | >
| | | >
| | | >
| |
| |
|
|

• Previous message: Jeff: "Re: Error"
• In reply to: Bassel Tabbara [MSFT]: "Re: Setting Principal for HttpWorkerRequest"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]