There is an unsaved comment in progress. You will lose your changes if you continue. Are you sure you want to reopen the work item?
Cookie auth middleware only uses first identity instead of all
The cookie authentication middleware uses AuthenticationResponseGrant.Identity when issuing the cookie. unfortunately this property only contains the first identity in the list of identities available in the ClaimsPrinciple passed to the AuthenticationResponseGrant.
This makes it impossible to sign in a principal with multiple idenitie, which unfortunately causes a few issues to us... We use the multiple identities to manage impersonation and a few other scenarios, something that worked fine when using WIF. Now however,
we have to resort to multiple cookies, which doesn't feel very good.
Is there any way that the cookie middleware could use the ClaimsPrinciple property instead, and by doing so, allow us to sign in using multiple identities?