WCF - Unable to view Claims

My WCF method is not able to see any of my identity claims. I'm able to authenticate the user via the ClaimsPrincipalPermission property but there's information I need out of the claim list in a given method.

The approach I'm using below works in WebForms, WebAPI, and ASMX; however, it's not working with my WCF web-methods. Any help would be greatly appreciated.

[Screenshots: Expected Results; Actual Results]

WCF Method

Again this solution works for WebForms, WebAPI, and ASMX.

namespace ControlPanelService
{
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
    [ClaimsPrincipalPermission(SecurityAction.Demand, Resource = "ControlPanel", Operation = "Request")]
    [ExceptionHandling.WCF.AiLogExceptionAttribute]
    public partial class ControlPanelService : IControlPanelService
    {
        #region Claim
        private string _testMgmtUrl { get; set; }
        private string _tmtName { get; set; }
        #endregion

        public ControlPanelService()
        {
            var identity = (System.Security.Claims.ClaimsPrincipal)System.Threading.Thread.CurrentPrincipal;
            this._tmtName = identity.GetClaimValue("tmtName");
        }
        
        etc...

Authorization Manager (This authorizes access to the WCF methods. I am able to view the claim information here; however, once I'm in the class the claim values are missing)

namespace CGI_Automation_Framework.ClaimsManager
{
    public class AuthorizationManager : ClaimsAuthorizationManager
    {
        public override bool CheckAccess(AuthorizationContext context)
        {
            var userIdentity = HttpContext.Current.User.Identity;
            bool checkForAuthentication = false;

            if (userIdentity.IsAuthenticated)
                return true;

            //throw new System.Web.Http.HttpResponseException(HttpStatusCode.Unauthorized);
            return checkForAuthentication;
        }
    }
    
    etc...

Web.Config (system.identityModel)

<system.identityModel>
  <identityConfiguration>
    <claimsAuthorizationManager type="CGI_Automation_Framework.ClaimsManager.AuthorizationManager, CGI_Automation_Framework" />
  </identityConfiguration>
</system.identityModel>

Web.Config (WCF Behavior)

<behavior name="ControlPanelServiceBehavior">
  <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
  <serviceDebug includeExceptionDetailInFaults="true" />      
</behavior>

Web.Config (WCF Binding)

<webHttpBinding>
  <binding name="DefaultBinding"
      maxReceivedMessageSize="7500000"
      maxBufferSize="7500000"
      maxBufferPoolSize="7500000">
  </binding>
</webHttpBinding>

Web.Config (WCF service)

<service name="ControlPanelService.ControlPanelService" behaviorConfiguration="ControlPanelServiceBehavior">
  <endpoint address="" binding="webHttpBinding" contract="ControlPanelService.IControlPanelService" behaviorConfiguration="jsonBehavior" bindingConfiguration="DefaultBinding">
    <identity>
      <dns value="localhost" />
    </identity>
  </endpoint>
</service>

SVC File

<%@ ServiceHost Language="C#" Debug="true" Service="ControlPanelService.ControlPanelService" CodeBehind="ControlPanelService.ControlPanelService.cs" %>

1 Answer

spyder1329

Apparently I was trying to use the wrong method in my WCF constructor to access the claims.

The correct code to use in my WCF constructor is below:

    var userIdentity = HttpContext.Current.User.Identity;

    IEnumerable<System.Security.Claims.Claim> c = ((System.Security.Claims.ClaimsIdentity)userIdentity).Claims;

Again this is not how I would typically access the claims from ASMX, WebAPI, or WebForms. Hopefully this helps someone else.
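
A defensive way to apply the approach from the answer, as an added example that is not part of the original post. `CallerClaims` and the `TmtName` property are hypothetical names, and the code assumes the service is hosted with ASP.NET compatibility enabled so that `HttpContext.Current` is populated. It fails closed when the caller or the claim is missing instead of silently storing null.

```csharp
using System;
using System.Security;
using System.Security.Claims;
using System.Security.Principal;
using System.Web;

namespace ControlPanelService
{
    // Hypothetical helper (not from the post): reads one claim from the
    // ASP.NET principal and throws when it cannot be trusted or found.
    internal static class CallerClaims
    {
        public static string Require(string claimType)
        {
            // HttpContext.Current is null unless WCF runs in ASP.NET
            // compatibility mode (aspNetCompatibilityEnabled="true").
            HttpContext ctx = HttpContext.Current;
            if (ctx == null)
                throw new InvalidOperationException("ASP.NET compatibility mode is not active.");

            return Require(ctx.User, claimType);
        }

        // Split out so the checks can be unit-tested with a constructed principal.
        public static string Require(IPrincipal user, string claimType)
        {
            var identity = user == null ? null : user.Identity as ClaimsIdentity;
            if (identity == null || !identity.IsAuthenticated)
                throw new SecurityException("Caller is not an authenticated claims identity.");

            Claim claim = identity.FindFirst(claimType);
            if (claim == null || string.IsNullOrWhiteSpace(claim.Value))
                throw new SecurityException("Required claim '" + claimType + "' is missing.");

            return claim.Value;
        }
    }

    public partial class ControlPanelService
    {
        // Resolved on each access rather than cached in the constructor, so the
        // value does not depend on how long WCF keeps the service instance alive.
        private string TmtName
        {
            get { return CallerClaims.Require("tmtName"); }
        }
    }
}
```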