IIS7 integrated mode closing token between requests
We are migrating to IIS7 integrated mode and have come across an issue. We authenticate using WindowsAuthentication but then store a reference to the Win开发者_开发知识库dowsPrincipal so that on future requests we can authorize as needed against AD. In IIS 7 Integrated mode, the token is being closed (between requests) so that when we try to run IsInRole it generates a disposed exception. Is there a way to cache this token or change our use of WindowsPrincipal so that we don't need to make successive AD requests to get it for each authorization request?
Here is the exception being thrown from WindowsPrincipal.IsInRole("") - System.ObjectDisposedException: {"Safe handle has been closed"}
Thanks.
Have you tried letting IIS cache the auth information for you?
Check out the options for the section of web.config. Specifically the authPersistNonNTLM
and authPersistSingleRequest
attributes. PersistNonNTLM=True may do exactly what you need w/o any custom implementation in your code.
http://www.iis.net/ConfigReference/system.webServer/security/authentication/windowsAuthentication
In AcquireRequestState
event handler I just touched the HttpContext.Current.User.Identity.Name
as below
var t = HttpContext.Current.User.Identity.Name;
var p = HttpContext.Current.Profile;
and in my WCF services I could use the Identity
and the Profile
, without a ObjectDisposedException
.
I don't know why.
精彩评论