I have a custom Principal (implements System.Security.Principal.IPrincipal
interface) that I need to access from a WebService. My web application has
the Thread.CurrentPrincipal set to this new Principal object, as well as
HttpContext.Current.User. But when I access either Thread.CurrentPrincipal
or HttpContext.Current.User from the Web Service, they are not the same as
those set in the Web Application (and I can see why). My question is, how
can I make the Principal from the Web Service be the same as the one from
the Web Application? If I have to pass the Principal to the Web Service,
that is fine...but I seem to not be able to do this.
In our security system, it has fills the roles collection and creates a new
custom Principal instance (along with the Identity). This principal is used
by our business logic layer to check the user's permissions/roles. The Web
Service calls the methods on the business logic layer and all calls fail
because the Principal object doesn't contain the correct Roles.
So, how can I do this? I need to access the same Principal object on the
Web Service as the one that's created on the Web Application.
Thanks,
Mythran
|
Similar Threads
