I've been working with Sitefinity for the past few months with a Custom Role/Membership provider. Recently I added Custom IPrincipal and IIdentity classes.
In my global.asax, I attach this principal/identity to the context like so:
sender, EventArgs e)
HttpContext context = HttpContext.Current;
// Get Forms Identity From Current User
FormsIdentity id = (FormsIdentity)context.User.Identity;
// Get Forms Ticket From Identity object and create a new CustomIdentity
CustomIdentity identity = CustomIdentity(id.Name, id.Ticket, id.IsAuthenticated);
// Create a new CustomPrincipal Instance and assign to Current User
CustomPrincipal principal =
// Add the principal to the context and thread
context.User = principal;
System.Threading.Thread.CurrentPrincipal = principal;
This works with every (about 5-6) ASP.NET web application that I have, except Sitefinity. If I add this method to the global.asax, then it seems like Sitefinity stops loading Roles for the current user. That is to say, a user that has the "Unrestricted" role now no longer has acces to the admin pages, etc. The only thing I can think is that possibly Sitefinity is attaching its own IIdentity/Principal and then trying to cast the User/Identity off the context and failing.
So, I guess my main question is this. Does Sitefinity work with custom IPrincipal/IIdentity classes? If it doesn't directly, is there a work around?