IsAuthenticated of Request is false inside Glimpse policy, even I'm logged in

Question

I'm building site with ASP.NET MVC 5, and would like to secure Glimpse with existing layer of security, MVC 5 Roles. Glimpse is version 1.8.6

I wrote my implementation of IRuntimePolicy, derived from the sample code. When I run thru my code the IsAuthenticated property of request is always false. Even when I'm logged in (in the controller this property is true). Can anybody help me what I'm doing wrong? I thought setting Glimpse:DisableAsyncSupport in the app settings would help, but didn't.

This is my implementatio of IRuntimePolicy

    public RuntimePolicy Execute(IRuntimePolicyContext policyContext)
    {
        var userManager = new UserManager(new UserStore<MyUser>(new ApplicationDbContext()));
        var httpContext = HttpContext.Current;

        if (httpContext.Request.IsAuthenticated) //ALWAYS FALSE, EVEN WHEN IM LOGGED IN
        {
            var userId = httpContext.User.Identity.GetUserId(); //User is null
            if (userManager.IsInRole(userId, "Admin"))
                return RuntimePolicy.On;
        }

        return RuntimePolicy.Off;
    }

Can you tell us when your user authentication happens? It seems like it is happening *after* the policy is executed - or that `isAuthenticated` flag isn't being set. — nikmd23, Jul 06 '15 at 14:10
I'm using ASP.NET Identity 2.0 which comes with asp.net mvc 5. I'm not setting this flag at all, Identity framework take care of this for me. — vmachacek, Jul 06 '15 at 15:10

score 2 · Accepted Answer · edited May 23 '17 at 12:21

2

You have to add <modules runAllManagedModulesForAllRequests="true" /> or add precondition="managedHandler" for your module. See more explanation here: enter link description here There might be a performance hit in the first option.

edited May 23 '17 at 12:21

Community

1
1

answered Jul 09 '15 at 12:17

jhexp

685
4
9

IsAuthenticated of Request is false inside Glimpse policy, even I'm logged in

1 Answers1