Regarding identity and auth data store in client side

Question

User264732274 posted

1) as we know form auth store data in cookie at client side. so the identity also store auth info in cookie ?

2) need a sample example just to know what kind of data identity system store in client side after user authentication ?

3) identity system also store auth data in cookie at client side ?

4) identity system store claim at client side or something different data ?

5) how claim data look like. give me sample of claim data.

Answer 1

User614698185 posted

Hi sudip_inn,

ASP.NET Identity is the new membership system for building ASP.NET web applications. ASP.NET Identity allows you to add login features to your application and makes it easy to customize data about the logged in user.

By default the ASP.NET Identity system will store all the user information in a database. ASP.NET Identity uses Entity Framework Code First to implement all of its persistence mechanism.

If your application requirements are that this information might be stored in a different storage mechanism such as SharePoint, Azure Table Service, No Sql databases etc. it is now possible to plug in different storage providers.

Please see: http://www.asp.net/identity/overview/getting-started/introduction-to-aspnet-identity

If you want to use Claims-Based identity, please see:

https://msdn.microsoft.com/en-us/library/ee517291.aspx

Best Regards,

Candice Zhou

Answer 2

User264732274 posted

Sorry u do not understand my question.

identity system use claim always ?

form auth store auth ticket in cookie at client side so identity store what at client side ?

how claim data look like just give me a sample ?

thanks

Answer 3

User614698185 posted

Hi sudip_inn,

identity system use claim always ?

No. The ASP.NET Identity is a framework that support both the Form authentication and claims-based authentication.

form auth store auth ticket in cookie at client side so identity store what at client side ?

As my previous post said, identity system will store all the user information in a database.

how claim data look like just give me a sample ?

Claim is a statement about the user makes about itself, it can be user name, first name, last name, gender, phone, the roles user assigned to, etc.

Here is how we create the identity for a new user during the log-in process:

UserManager<applicationuser> userManager = new UserManager<applicationuser>(new UserStore<applicationuser>(new SecurityContext()));
ClaimsIdentity identity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);

If you inspect the Claims property of ClaimsIdentity after calling CreateIdentity you will see that there are there are three or more claims. There is a claim for the user ID, user name, identity provider and one for each role assigned. So what if you want to add some more claims. Here is an example of how to add the email as a claim:

var user = userManager.Find(userName, password);
identity.AddClaim(new Claim(ClaimTypes.Email, user.Email));

Best Regards,

Candice Zhou

Answer 4

User264732274 posted

1) u said : The ASP.NET Identity is a framework that support both the Form authentication and claims-based authentication.

can you give me two link one for how to setup ASP.NET Identity with form authentication and

another one article link which guide me how to use or setup identity for claims-based authentication.

2) u said : identity system will store all the user information in a database.

what kind of info identity store in client as a result when data goes to server side then identity can validate user. in form auth....auth ticket always store in client and check the ticket always when request goes to server side. so believe identity must store something in client pc by which he track user later whether the user is authenticated or not.

please share the knowledge that what & how identity system store in client pc after authenticate a user login when claims-based authentication is used ?

thanks