We are migrating to IIS7 integrated mode and have come across an issue. We authenticate using WindowsAuthentication but then store a reference to the WindowsPrincipal so that on future requests we can authorize as needed against AD. In IIS 7 Integrated mode, the token is being closed (between requests) so that when we try to run IsInRole it generates a disposed exception. Is there a way to cache this token or change our use of WindowsPrincipal so that we don't need to make successive AD requests to get it for each authorization request?
Here is the exception being thrown from WindowsPrincipal.IsInRole("") - System.ObjectDisposedException: {"Safe handle has been closed"}
Thanks.
Have you tried letting IIS cache the auth information for you?
Check out the options for the section of web.config. Specifically the
authPersistNonNTLM
andauthPersistSingleRequest
attributes. PersistNonNTLM=True may do exactly what you need w/o any custom implementation in your code.http://www.iis.net/ConfigReference/system.webServer/security/authentication/windowsAuthentication