Blog

Examine User Identity and Claims from Visual Studio Debugger

When debugging a claims-aware application (you ARE using claims, aren’t you?), sometimes it is useful to answer the question “which user is logged in (if any) and (if so) which claims are associated with said user.”

Assuming you are using Visual Studio and .NET 4.5, the simple solution is to add the following to one of your Visual Studio Watch windows:

System.Threading.Thread.CurrentPrincipal

[If you happen to be debugging ASP.NET code, you could save a little typing and instead add User to your Watch window. User should have the same value as the CurrentPrincipal in the context of ASP.NET. For ASP.NET WebForms User is a property of the Page class (Page.User), while for ASP.NET MVC User is a property of both the Controller class (Controller.User) and the HttpContext class (HttpContext.User).]

Drill in, and you will see something like the following:

image

If you then right-click on the Results View entry under Claims (the one that says “Expanding the Results View will enumerate the IEnumerable”) and, uhh, click on that entry to expand the results view, you will see all the claims.

In my case, some claims were flowing through Windows Azure Access Control Service (ACS), and these list the ACS namespace as the Issuer. Other claims were added at runtime by my code using a ClaimsAuthenticationManager module, and these list LOCAL AUTHORITY as the Issuer.

image

Alternatively, you can add the more complex direct expression to your Watch window – using the cast to coerce the right values:

((System.Security.Claims.ClaimsPrincipal)(System.Threading.Thread.CurrentPrincipal))

This will also do the job – with a little less drilling.

“Is your application right fit for the cloud? find out in less than 10 min. Click Here “