WCF4 REST APIkey question - pass information from ServiceAuthorizationManager to services

I want to implement an API key authentication solution for my WCF4 REST API.

I know that I need to make a class and derive it from ServiceAuthorizationManager and override the CheckAccessCore method. All that I understand.

But what I want to do from the CheckAccessCore pass internal information from the CheckAccessCore to my Service implementation classes. Information like "ApiKeyID, rights, flags and other details" that I looked up when doing the ApiKey authentication.

So that my services internally can use the internal ApiKeyID when it calls the domain logic.

I have seen many different ways of doing this, like

operationContext.ServiceSecurityContext.AuthorizationContext.Properties["Principal"] = p;

or

System.Threading.Thread.CurrentPrincipal = principal;
HttpContext.Current.User = principal;

and oth开发者_运维百科er ways....

Another way you can pass along objects is by adding the object to the Properties Collection of the RequestMessage object.

IssuedToken Token = new IssuedToken() 
operationContext.RequestContext.RequestMessage.Properties.Add("NameOfObj",Token);