Use authorization logic from an existing project to secure various aspects of all views in all modules of my new Composite WPF application.
Use ASP.NET application services to leverage existing membership and roles, create a GenericPrincipal and GenericIdentity and register it for use across all threads created in the application domain using AppDomain.CurrentDomain.SetThreadPrincipal(principal);
When doing an IsInRole check on a supporting view, Thread.CurrentPrincipal is a blank, new GenericPrincipal with an empty unauthenticated GenericIdentity. It appears new threads aren't being created with the principal registered with the AppDomain.
Sup with that, and if this isn't the right way, how should I do it? I could maybe use a static property, but then I lose my code access security.