principal

Role, Membership, Profiles, Principals, and Forms Authentication

I'm swimming in the relationships and hierarchies of a web application that I'm trying to secure with custom sql membership and role providers. I'm a little fuzzy on forms authentication, principals, and the like. So -- The web.config is set up for forms authentication with a custom membership provider and custom roles provider. When ...

How do I get the Current User identity for a VPN user in a Windows forms app?

We're currently developing a Windows Smartclient that needs to authenticate users using their AD group membership. We now have a requirement for some users to connect over VPN. Is there any way I can get the AD account identity and groups from the VPN login? WindowsIdentity.GetCurrent() returns the local user account rather than their ...

[ASP.NET] How to set Thread.CurrentPrincipal for use throughout the application?

HEllo, In an ASP.net application I'm using Login control with custom membership provider that I wrote, and what I also want to do is to set Thread.CurrentPrincipal to my custom Principal object, just after the user is authenticated. I'm using the setter: Thread.CurrentPrincipal and it sets the Principal object for me but, on all the c...

No principal in request after Apache basic authentication (basic-auth) with mod_jk

[environment] Apache 2.2.13 connect to Tomcat 5.5 with mod_jk (ajp13). Apache requires basic-auth for "/" i.e. for all URLs it serves. [problem] Once the request arrives at my app in Tomcat (it's a Servlet filter) request.getUserPrincipal() returns null. Apache, however, did authenticate the request, I did enter user/password in the bro...

how to show all the sample principal component plots in R ?

I noticed something in R , say pc is the result of applying PCA to a data matrix and pc$x is my sample principal component matrix . when try plot(pc$x) , it will only plot the first principal component (pc1) against the second (pc2) , but I actually have more than 2 principal components. how do I show all of them ? ...

How to set a principal for a workflowprocess in WF 4.0

Hi, Lately I've run into the following problem. I've started using Workflow 4.0, one of the challenges now is to have the workflow run on the correct user, the one who's actually starting it. In WCF we use a sort of flowing-headers behaviour wich does the trick, but in WF it doesn't work obviously because the workflowhost spawns (almost...

Inexplainable InvalidOperationException with GroupPrincipal and SAM PrincipalContext

I am trying to create a Principal like this: PrincipalContext pc = new PrincipalContext(ContextType.Machine); GroupPrincipal group = new GroupPrincipal(pc); group.Name = "Some Group Name"; group.Description = "Some Group Name Description"; group.Save(); However, when the code is executed, I get the following exception message: ...

Spring security accessing principal

When using spring security, specifically with @notation; what is the proper way to access the principal in a Controller? Lets say the following is my controller, but I would like to access the principal in the secure() method somewhere... @Controller public class LoginController { @RequestMapping(value = "/login", method = Request...

Restore Principal when workflow is loaded

Hi all, we use a ServiceAutorizationManager in WCF to set the principal in our services. We are planning to switch to WIF. But with workflows hosted as WCF service that are able to suspend or idle we have a problem to restore the principal. Which hook can we use so that the principal is loaded correctly without having to alter our workf...

How do I start a thread in a different security context?

How to start a thread in the security context of a different user? When a process starts a thread normally the security context is also passed but how to launch a thread in a different security context with the principal of a different user? ...

Claims-based authentication for WCF RESTful services

Hi gang, I've been working through various samples to try and piece together a solution for SAML token-based authentication for ASP.Net web services and WCF RESTful web services... some of the samples I've been referencing: http://custombasicauth.codeplex.com/Wikipage http://www.leastprivilege.com/SecuringWCFDataServicesUsingWIF.aspx...

Does a System.DirectoryServices.AccountManagement.Principal ever have a null GUID?

I have a situation where I need to store a globally unique identifier that points to an Active Directory user account. I'm leaning towards the Guid because it is easier to store than the Sid. According to the MSDN entry, the property (which is a Nullable), will always return null if the ContextType is set to "Machine." I don't need to ...

Get identity-level token for Windows user?

I want to create a WindowsIdentity for a given user. I don't need it for impersonation, just for group membership checks. I need it to work with and without a domain (none of that S4U Kerberos delegation stuff). The constructor for WindowsIdentity that takes a username only seems to work for domain scenarios. Is there any other way I ca...

How do I implement custom Principal and Identity in ASP.NET MVC?

I want to store extra information in the authenticated user so that I can have it easily accessible (like User.Identity.Id, for example), instead of just the name, since I'm planning on having that non-unique. So far I've gathered that I should look to implement custom Principal and/or Identity, but I'm not sure how to go about it. I'v...

WCF Service - Custom Principal

In the constructor of my WCF service class I am setting the current principal to be that of the principal passed in the header of the message: Thread.CurrentPrincipal = OperationContext.Current.IncomingMessageHeaders.GetHeader<BBPrincipal>("bbPrincipal", "ns"); This seems to work fine, however when I come to reference the principal in...

Custom principal in ASP.NET MVC

I want to be able to access custom properties for an authenticated user like UserId and FirstName without querying the database each time. I found this site through a post on Stack Overflow and I like the approach - but I use IoC / repositories and decided not to try and get global.asax to communicate with the database for fear that it ...

JAXWS servlet endpoint and principal propagation

Hello, I'm trying to develop webservice authentication by checking hash_ID given in wsdl URL. I use servlet webservice (JAXWS, without ejb). I've extended WSServlet class. In doGet method I check if the given hashId is valid and if so, I do the programmatic login. The problem is that after login, principal is not propagated from servlet...