_securityToken.IsAnonymousUser is true in WebApi

Questions
1

Hi we have a service that updates some user information. the service workes fine when called internally, but when called from a web API (We are sending the full context in the request) in the post and from the api controller we call our service method that contains

person = _loggedInPersonModelBuilder.GetPerson() eg “_securityToken.IsAnonymousUser && _securityToken.Person”;

The person is always anonymous, writing to the session workes fine, so the session data seams to be there. How can I get the user?

Litium version: 7.3

2

Check how

Thread.CurrentPrincipal.Identity

looks, is it also empty?

3

Thread.CurrentPrincipal.Identity contains the logged in user can i convert that to a person?

Something like this?

		public Customers.Person GetPerson()
	{
		var securityToken = _securityToken;
		if (securityToken.IsAnonymousUser && System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated)
		{
			securityToken = new SecurityToken((ClaimsIdentity)System.Threading.Thread.CurrentPrincipal.Identity);
		}
		
		if (!securityToken.IsAnonymousUser && securityToken.Person != null)
		{
			return securityToken.Person;
		}
		return null;
	}

But should this be necessary?

4

Yes you can use this, you can then set it in

RequestModelHandler.cs
SendAsync

method on the incoming call.

5

Isn’t this the same as using _securityContextService.GetIdentityUserSystemId()?

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.