Difference between HttpContext.User.Identity and IClaimsPrincipal

1
votes

I am new to identity systems development and I'm thinking of using claims principal and claims identity for authorization in ASP.NET MVC 3 architecture (implemented at controller level).

I can see few implementation which uses HttpContext.User.Identity for authorization and some using IClaimsPrincipal. From my understanding (poor) through several posts, IClaimsPrincipal is a claim-based approach to provide HttpContext.User.Identity context to the application level usage. What is the difference between those two approaches and which one is more effecient if I use ADFS 2.0 as an STS/FP service?

1
asp.net-mvcwifclaims-based-identityadfs2.0

1 Answers

3
votes

IClaimsPrincipal is the WIF extension of IPrincipal. IClaimsPrincipal offers a collection of IClaimsIdentity, and likewise, IClaimsIdentity inherits IIdentity.

If you're using WIF in ASP.NET, IClaimsPrincipal/IClaimsIdentity and HttpContext.User.Identity are effectively the same approach. As part of the authentication pipeline, WIF will set your HttpContext.User.Identity to an IClaimsIdentity so that you can access it like so:

IClaimsIdentity claimsId = HttpContext.User.Identity as IClaimsIdentity;