The solution for my problem was given in this question: MVC3 Windows Authentication override User.Identity, in the edit that the user made to their own question.
Basically, to summarize it: I was replacing the Principal in the event public void WindowsAuthentication_OnAuthenticate(object sender, WindowsAuthenticateEventArgs args), and I was supposed to do it in protected void Application_AuthorizeRequest(object sender, EventArgs e) (which is not the same as in Forms Authentication, Application_AuthenticateRequest).
The code in Global.asax ends up being something like this:
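    // Global.asax.cs; needs: using System.Security.Principal; using System.Threading; using System.Web;
    protected void Application_AuthorizeRequest(object sender, EventArgs e)
    {
        // Only replace the principal once Windows Authentication has identified the caller.
        if (User.Identity.IsAuthenticated)
        {
            // Load the extra per-user data for the authenticated Windows identity.
            var userData = WindowsUserDataHelper.GetWindowsUserData((WindowsIdentity)User.Identity);
            var user = new MyCustomPrincipal(new MyCustomIdentity(User.Identity.Name, userData));

            // Set both so that ASP.NET and code reading the thread principal see the same user.
            HttpContext.Current.User = user;
            Thread.CurrentPrincipal = user;
        }
    }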
From here, the User is replaced with the extended version of the Principal and the rest of the application can consume it from anywhere (view, controller, etc).
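
Added example, not part of the original answer: one way to shape the extended principal so that it keeps the authentication type and Windows group checks of the principal it replaces, and skips the swap when the identity is not a WindowsIdentity instead of failing on the cast. The names ExtendedPrincipal, ExtendedIdentity, UserData and Wrap are hypothetical and their constructors differ from the MyCustomPrincipal/MyCustomIdentity used above, whose definitions the answer does not show.

```csharp
using System;
using System.Security.Principal;

// Hypothetical extra per-user data; the answer does not show the real type.
public sealed class UserData { public string DisplayName { get; set; } }

// Identity that reports the same name and authentication facts as the original.
public sealed class ExtendedIdentity : IIdentity
{
    private readonly IIdentity _inner;
    public ExtendedIdentity(IIdentity inner, UserData data) { _inner = inner; Data = data; }
    public UserData Data { get; private set; }
    public string Name { get { return _inner.Name; } }
    public string AuthenticationType { get { return _inner.AuthenticationType; } }
    public bool IsAuthenticated { get { return _inner.IsAuthenticated; } }
}

// Principal that delegates role checks to the original principal, so role-based
// authorization keeps answering from Windows group membership after the swap.
public sealed class ExtendedPrincipal : IPrincipal
{
    private readonly IPrincipal _original;
    private readonly ExtendedIdentity _identity;

    public ExtendedPrincipal(IPrincipal original, UserData data)
    {
        _original = original;
        _identity = new ExtendedIdentity(original.Identity, data);
    }

    public IIdentity Identity { get { return _identity; } }
    public bool IsInRole(string role) { return _original.IsInRole(role); }

    // Returns the principal unchanged when there is nothing to extend:
    // no principal, an unauthenticated caller, or a non-Windows identity.
    public static IPrincipal Wrap(IPrincipal current, Func<WindowsIdentity, UserData> load)
    {
        if (current == null || !current.Identity.IsAuthenticated) return current;
        var windows = current.Identity as WindowsIdentity;
        if (windows == null) return current;
        return new ExtendedPrincipal(current, load(windows));
    }
}
```

In Application_AuthorizeRequest the result of Wrap would be assigned to both HttpContext.Current.User and Thread.CurrentPrincipal, as in the handler above.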