- Katana Middleware
- message handlers is legacy (Http modules that is baked in asp.net hosting in IIS)
- Authentication filters
- Authorization Filters
The whole idea about Katana and OWIN being to be able to self host anywhere and getting away from IIS and System.Web dependency
The new kid in block to work with client identity is
HttpRequestMessage.GetRequestContext().Principal
and using Thread.CurrentPrincipal is now legacy
Read http://chimera.labs.oreilly.com/books/1234000001708/ch10.html
http://www.hanselman.com/blog/SystemThreadingThreadCurrentPrincipalVsSystemWebHttpContextCurrentUserOrWhyFormsAuthenticationCanBeSubtle.aspx
http://leastprivilege.com/2012/06/25/important-setting-the-client-principal-in-asp-net-web-api/
No comments:
Post a Comment