I am using WIF and claims-based security in a MVC app and custom logic to create a ClaimsPrincipal with the appropriate claims after they authenticate. I assign some standard claims like Role and Name to the principal but also assign custom claims where applicable.
I modeled my custom claims after the standardized Role and Name claims using a URI, for example
new Claim("http://schemas.acme.com/2012/04/identity/claims/create", "http://schemas.acme.com/2012/04/identity/resources/customer")
Everything has been working very well. I use the SessionAuthenticationModule to store the users session in cookies and rehydrate it on each request.
I noticed today that my custom claims are not deserialized from the cookie after someone logs in with the same usertype. The standard claims (Name/Role) are present but the custom claims aren't.
Has anyone else ever seen this or know why this is happening?