Cache User

Author: HaoK

src/Microsoft.AspNetCore.Server.IISIntegration/AuthenticationHandler.cs

@@ -15,6 +15,7 @@ namespace Microsoft.AspNetCore.Server.IISIntegration
     internal class AuthenticationHandler : IAuthenticationHandler
     {
         private const string MSAspNetCoreWinAuthToken = "MS-ASPNETCORE-WINAUTHTOKEN";
+        private WindowsPrincipal _user;
 
         internal AuthenticationScheme Scheme { get; private set; }
 
@@ -33,25 +34,27 @@ public Task<AuthenticateResult> AuthenticateAsync(AuthenticateContext context)
 
         private WindowsPrincipal GetUser(HttpContext httpContext)
         {
-            var tokenHeader = httpContext.Request.Headers[MSAspNetCoreWinAuthToken];
-
-            int hexHandle;
-            WindowsPrincipal winPrincipal = null;
-            if (!StringValues.IsNullOrEmpty(tokenHeader)
-                && int.TryParse(tokenHeader, NumberStyles.HexNumber, CultureInfo.InvariantCulture, out hexHandle))
+            if (_user == null)
             {
-                // Always create the identity if the handle exists, we need to dispose it so it does not leak.
-                var handle = new IntPtr(hexHandle);
-                var winIdentity = new WindowsIdentity(handle);
+                var tokenHeader = httpContext.Request.Headers[MSAspNetCoreWinAuthToken];
+
+                int hexHandle;
+                if (!StringValues.IsNullOrEmpty(tokenHeader)
+                    && int.TryParse(tokenHeader, NumberStyles.HexNumber, CultureInfo.InvariantCulture, out hexHandle))
+                {
+                    // Always create the identity if the handle exists, we need to dispose it so it does not leak.
+                    var handle = new IntPtr(hexHandle);
+                    var winIdentity = new WindowsIdentity(handle);
 
-                // WindowsIdentity just duplicated the handle so we need to close the original.
-                NativeMethods.CloseHandle(handle);
+                    // WindowsIdentity just duplicated the handle so we need to close the original.
+                    NativeMethods.CloseHandle(handle);
 
-                httpContext.Response.RegisterForDispose(winIdentity);
-                winPrincipal = new WindowsPrincipal(winIdentity);
+                    httpContext.Response.RegisterForDispose(winIdentity);
+                    _user = new WindowsPrincipal(winIdentity);
+                }
             }
 
-            return winPrincipal;
+            return _user;
         }
 
 

src/Microsoft.AspNetCore.Server.IISIntegration/IISMiddleware.cs

@@ -4,15 +4,12 @@
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
-using System.Globalization;
 using System.Linq;
-using System.Security.Principal;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Http.Features;
-using Microsoft.Extensions.Internal;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Microsoft.Extensions.Primitives;
@@ -59,8 +56,8 @@ public IISMiddleware(RequestDelegate next, ILoggerFactory loggerFactory, IOption
                     throw new InvalidOperationException("IServiceCollection.AddAuthentication() is required to use Authentication.");
                 }
 
-                auth.AddScheme(new AuthenticationScheme("NTLM", typeof(AuthenticationHandler), new Dictionary<string, object>()));
-                auth.AddScheme(new AuthenticationScheme("Negotiate", typeof(AuthenticationHandler), new Dictionary<string, object>()));
+                auth.AddScheme(new AuthenticationScheme("NTLM", typeof(AuthenticationHandler)));
+                auth.AddScheme(new AuthenticationScheme("Negotiate", typeof(AuthenticationHandler)));
             }
 
             _pairingToken = pairingToken;