IPrincipal and IIdentity

IPrincipal and IIdentity
IPrincipal: The user object represents the user's security context, and the code is currently running on behalf of the user, including the user's logo (iidentity) and any roles they belong to. All user objects need to implement the

IPrincipal. (Note in MSDN)
If you want to apply user role authentication to existing ASP.net applications, you can use IPrincipal to customize a customprincipal to implement user role verification.
IIdentity:
Defines the basic function of a marked object, representing a specific user whose code is currently running on behalf of the user.
(Note in MSDN)

IPrincipal and IIdentity can be found in the context of the ASP.net program instance.
It is common practice to:
asp.net application in the membership class to achieve the IIdentity excuse, and then CustomPrincipal class through a combination of the package of the member class, while CustomPrincipal implementation of the IPrincipal interface;
When the current code gets the user's mark, the most straightforward approach is to call the HttpContext.Current.User interface directly (it has always been thought that HttpContext.Current.User is a class and later found that it is an interface.) ），

HttpContext.Current.User interface in the default context, I'm not sure which class is coming from, but the HttpContext.Current.User interface can be assigned, so that after instantiating CustomPrincipal,

Assignment to the HttpContext.Current.User interface. An assignment can be placed in a AuthenticateRequest event in a HttpApplication instance.