I have setup a AuthorizationFilter on Api controller action, during the first call the User Identity is being set but while accessing the httpContextAccessor in subsequent api requests the User.Identity.Name is null.
I have tried to use injection with setting up the HttpContextAccessor as singleton.
AuthorizationFilter code :
IIdentity identity = _singleSignOnUserService.GetUser(userInfo);
_httpContextAccessor.HttpContext.User = new GenericPrincipal(identity, null);
Startup.cs Injection code :
services.AddScoped<AuthAttribute>();
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
Controller code :
private readonly IHttpContextAccessor _httpContextAccessor;
TesController(IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
}
Why would _httpContextAccessor.HttpContext.User.Identity.Name be null even though the AuthorizeFilter has set the value?
I solved this by setting Authorization token in header of client requests to Webapi , it turned out the problem was because of the fact that client application - Angular and Core Webapi are hosted on different domains.