Cookie auth middleware only uses first identity instead of all


The cookie authentication middleware uses AuthenticationResponseGrant.Identity when issuing the cookie. unfortunately this property only contains the first identity in the list of identities available in the ClaimsPrinciple passed to the AuthenticationResponseGrant. This makes it impossible to sign in a principal with multiple idenitie, which unfortunately causes a few issues to us... We use the multiple identities to manage impersonation and a few other scenarios, something that worked fine when using WIF. Now however, we have to resort to multiple cookies, which doesn't feel very good.

Is there any way that the cookie middleware could use the ClaimsPrinciple property instead, and by doing so, allow us to sign in using multiple identities?
Closed Mar 2 at 9:53 PM by mgirgin


Tratcher wrote Jun 25, 2015 at 3:27 PM

FYI: Development of this component has moved to https://github.com/aspnet/Security/blob/dev/src/Microsoft.AspNet.Authentication.Cookies/CookieAuthenticationHandler.cs.

I think this has already been addressed in the new code base.