Converting Aspnet to aspnetcore: RequestContext.Principal

Question

User956626884 posted

I am replacing the old webapi RequestContext.Principal.Identity.Name to web api core.

There is no application login. It is based on windowsauthenication where the user is authenticated into the domain. The application never ask the user to login. 

I added the services.AppAuthentication in the Startup.cs

In the old webapi, user logs in to the domain and in the app controller, I can see the user name with RequestContext.Principal.

In webapi Core, I checked User and this.HttpContext, but the Identity is null with no user info.

Inside my method,

userName = User.FindFirstValue(ClaimTypes.NameIdentifier); // is null
string userInfo = User: // User Identity property is null
The User.Identity.IsAuthenticated is false
ClaimsPrincipal.Current is null

I

found a post to added to my Startup.cs

//---> In the ConfigureServices
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();

//---> In the Configure
app.UseAuthention();
app.UseAuthorication();
app.UseEndPoints(endpoints => { endpoints.MapControllers()});

So far, I am not able to retrieve my name. Thanks for any help.

Answer 1

User475983607 posted

What exactly is the problem?  The name identifier is empty?  Can you explain how your Web API security works?  Did you build a custom JWT solution or are you using an API?

Answer 2

User956626884 posted

the name identifier is empty. in web api, the Request.Context.Principal is populated with the signed in user name. The app does not use token, just only signin.

In webApi core, I am replacing the Request.Context.Principle with something that works. I tried User in the controller class but that is empty. I also check HttpContext object but the Identity property is empty. 

I am not sure what needs to be configured in the startup.cs to get the signed in user to be populated. Thanks.

Answer 3

User753101303 posted

Hi,

IsAuthenticated being false means authentication is not required to access to all (or just parts) of your api. What you are using allows to expose information about the authenticated users regardless of which authencation method is used. Knwoing which one is used  or even if you configured something coudl help. Your old is using what?

If you don't see anything in the old app code could it be that it used Windows authentication ???

Answer 4

User475983607 posted

the name identifier is empty. in web api, the Request.Context.Principal is populated with the signed in user name. The app does not use token, just only signin.

In webApi core, I am replacing the Request.Context.Principle with something that works. I tried User in the controller class but that is empty. I also check HttpContext object but the Identity property is empty. 

I am not sure what needs to be configured in the startup.cs to get the signed in user to be populated. Thanks.

It sounds like the original design uses an authentication cookie.  This is an usual design in Web API and most likely why you are having difficultly moving to .NET Core.   I've never tied this but you can enable cookie authentication by following the official docs.

https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-5.0

Answer 5

User956626884 posted

Thanks

Answer 6

User753101303 posted

Do you mean it is solved now? To me it was unclear if what you shown was used on purpose or because you "saw that in a post". Always be explicit.

If you need furhter help, please just tell which authentication method is used by the app you are porting (or show the relevant configurating code for this app) so that we can be 100% sure about what yoi need.