Recently I have found an excellent question on Stackoverflow. The OP asks why does claim added to Idenetity after calling AuthenticationManager.SignIn
still persist to the cookie.
The sample code was like this:
ClaimsIdentity identity = UserManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie );
var claim1 = new Claim(ClaimTypes.Country, "Arctica");
identity.AddClaim(claim1);
AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true }, identity );
var claim2 = new Claim(ClaimTypes.Country, "Antartica");
identity.AddClaim(claim2);
Yeah, why does claim2
is available after cookie is already set.