How to properly create the principal in .NET Core?

In my software carrier, I have been dealing with many types of credentials. Starting with Windows NT SSPI, NTLM, Kerberos, .NET Principals and finally today with .NET Core Claims.
And believe me, this will not be the last credential type. Security is a complex and important topic, which need to be approved overtime.
If you work with ASP.NET Core there all done for you. When your request enters an action, you can access the security context and do something with the existing principal.
Sometimes you have a component, which is developed to be used in ASP.NET Core and want to use the principal inside of the component. I already posted a short article that explains how to do that.

But, when working in the pure .NET Core you might want to use the same component. In that case, there is no ASP.NET Core to help you to create the principal. This post describes how to do that.
The security in context of .NET is that .NET Framework originally provided the security context, which was aligned to WIndows. With .NET Core, which is the cloud framework, the host of your component (ASP.NET Core, Outlook, etc.) will provide a context which needs to be properly propagated to .NET Core. The security context is bound to the IPrincipal instance implemented by the class ClaimsPrincipal. It holds possibly multiple claims identities with several claims.
Following code shows how to create the principal with your custom identity and correctly set identity name.

Claim claim = new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", "damir");
           
            ClaimsIdentity identity = new ClaimsIdentity(
                new System.Security.Claims.Claim[] { claim },
                "My-Console-Authentication-Type", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", 
                "role");
          
            ClaimsPrincipal principal = new ClaimsPrincipal(identity);

Here is the result.
231118_Principals


comments powered by Disqus