HttpContext.User.Claims vs HttpContext.User.Identities.Claims? Difference? When to use one over the other?
A HttpContext.User which is a ClaimsPrincipal has a collection of Claims, but the HttpContext.User also has a collection of ClaimsIdentity, which has a collection of claims and even the same properties like IsAuthenticated and Name.
What is the purpose or when to use one over the other, say in instances of user impersonation for admins? Or delegation? It seems like they are capable of tracking the same information in terms of roles and claims. If I want to have one user impersonate another, it seems like I could overwrite the HttpContext.User with the impersonated user and just store a value to indicate it's an impersonation and the original user, or maybe I could add the impersonated user to the ClaimsIdentities? Or something else?
I just don't know enough about this structure to determine the pros and cons or if there is a better way.
You can't use one over the other. If there is one ClaimsIdentity in the Identities property (the collection of ClaimsIdentity) then User.Identity will return that identity. This is easy to verify with a basic login capable app.
The Claims property will return all the claims for each identity in the Identities property. Trivially, if you just have one identity then you only get the claims in that identity.
The basic idea behind having multiple identities is the same reason why you might carry a drivers license, bus pass, and work badge all in your wallet. Each identity gives you "access" to different areas and allow you to (legally) perform separate actions.
- Quartz.net: How to create jobs using Dependency Injection
- MemoryStream - Cannot access a closed Stream
- Custom Compiler Warnings
- Cannot find Assert.Fail and Assert.Pass or equivalent
- How to reduce the margin between two buttons in below WPF code
- Bad Request When Using PostAsJsonAsync C#
- How to use RouteValues using MvcPaging2.0 in MVC3?
- How to change visibility for some TreeDataGrid rows?
- Dynamically Added LinkButtons Don't Fire OnClick Event
- How to retrieve actual item from HashSet<T>?
- Retrieve 10 records from MySQL?
- Entity data model designer won't open the edmx file
- How can you inherit from a sealed class using reflection in .Net?
- Azure .NET SDK: Scale Azure SQL databases through SDK
- SortedList Doesn't taking multiple objects in C#
- Using System.Text.Json to Serialize an IConfiguration back to Json
- In v8 of highcharts implemented multiple highcharts in a single view but not working in the upgraded version GetHighchartsJS
- IBrowserFile FromIMageFileAsync incomplete image
- Can't repoduce call stack in one of my programs
- What's the fastest way to read a text file line-by-line?
- What is the difference between Environment.CurrentDirectory and Directory.GetCurrentDirectory?
- Automapper: passing parameter to Map method
- What is the difference between String and string in C#?
- error MSB3073: The command "npm install" exited with code 1
- What's the algorithm behind Robocopy?
- ASP. NET Core 8: Error HTTP 500 and returnurl=%2F in the URL
- Decompressing Large Gzip File not working using System.IO.Compression
- mlContext.Data.CreateEnumerable uses the init property?
- Why should I prefer single 'await Task.WhenAll' over multiple awaits?
- Implicit casting / polymorphism with a Dictionary in C#