IIS7 integrated mode closing token between requests

Question

We are migrating to IIS7 integrated mode and have come across an issue. We authenticate using WindowsAuthentication but then store a reference to the WindowsPrincipal so that on future requests we can authorize as needed against AD. In IIS 7 Integrated mode, the token is being closed (between requests) so that when we try to run IsInRole it generates a disposed exception. Is there a way to cache this token or change our use of WindowsPrincipal so that we don't need to make successive AD requests to get it for each authorization request?

Here is the exception being thrown from WindowsPrincipal.IsInRole("") - System.ObjectDisposedException: {"Safe handle has been closed"}

Thanks.

Answer 1

Have you tried letting IIS cache the auth information for you?

Check out the options for the section of web.config. Specifically the authPersistNonNTLM and authPersistSingleRequest attributes. PersistNonNTLM=True may do exactly what you need w/o any custom implementation in your code.

http://www.iis.net/ConfigReference/system.webServer/security/authentication/windowsAuthentication

Answer 2

In AcquireRequestState event handler I just touched the HttpContext.Current.User.Identity.Name as below

var t = HttpContext.Current.User.Identity.Name;
var p = HttpContext.Current.Profile;

and in my WCF services I could use the Identity and the Profile, without a ObjectDisposedException.

I don't know why.