What is the best way to get WindowsIdentity from ClaimsIdentity

Question

What is the best way to get WindowsIdentity from ClaimsIdentity

So far, I have discovered two solutions for getting a WindowsIdentity object from ClaimsIdentity. First, I retrieve the user principal name (upn).

ClaimsIdentity ci = (ClaimsIdentity) Thread.CurrentPrincipal.Identity;    
string upn = null;
foreach (Claim c in ci.Claims)
{
    if (c.ClaimType == ClaimTypes.Upn)
    {
        upn = c.Value;
        break;
    }
}

Just call the WindowsIdentity constructor using upn:
WindowsIdentity winId = new WindowsIdentity (upn) function;
Use Windows Token Service (c2WTS) requirements:
WindowsIdentity winId = S4UClient.UpnLogon (upn);

Solution 1 seems to me a simpler and simpler solution, but then I do not understand the purpose of c2WTS?

Any suggestions?

TNX!

+3

c # claims-based-identity

Matthias Feb 18 '11 at 11:10

source share

1 answer

Adrian · Accepted Answer · 2011-05-22T22:24:13+0000

WindowsIdentity winId = S4UClient.UpnLogon(upn);

Used by Excel Services and PerformancePoint Services.

It is cached once. There are other checks against him.

What is the best way to get WindowsIdentity from ClaimsIdentity

More articles: