In MVC what's the difference between these 2?
They look identical, and they even return the same Type/Class System.Web.Security.RolePrincipal
but there're subtleties.
Eg. The following code throws various errors when called against the instance generated via ClaimsPrincipal.Current
cp.FindFirst(ClaimTypes.Name); //{"Unable to connect to SQL Server database."} <--HUH!?
cp.Claims; //{"Value cannot be null.\r\nParameter name: username"}
The above works when cp is this instead:
var cp = System.Web.HttpContext.Current.User
When drilling down to the private members via quick watch I can see that they both has the same Claim dictionary. However for whatever reason the public property blows when called against the object returned by ClaimsPrincipal.Current
Help - why is this!? This is driving me crazy.
=============EDIT==================
It must be almost time to go to bed.
IPrincipal supports multiple identities. It requires some kind of store. IIdentity returns an instance of ClaimsIdentity and does not require the store.
I was simply drilling the wrong properties. The two of them are almost identical in their shape ie. same properties and methods, that I got them confused.
The Identity is the current authenticated user and the principal is the security context that the code is running under.
This article is a good explanation that I found useful http://msdn.microsoft.com/en-us/library/ftx85f8x.aspx .