Home/ Questions/Q 9149981
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T11:33:05+00:00

My application uses the UserPrincipal class to determine what groups a user belongs to

  • 0

My application uses the UserPrincipal class to determine what groups a user belongs to and then uses that information to determine if a user is authenticated to use my application. Things worked just fine for while, but recently I’ve started getting an exception

Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)

When calling UserPrincipal.FindByIdentity. It seems like the call is succeeding and the exception is being handled properly, but it makes me nervous that authentication is going to break suddenly in the future. I’m not explicitly creating the GUID anywhere, so I have no idea where the exception is coming from.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It’s most likely that an exception is being thrown somewhere deep in the Framework code that’s trying to initialize some sort of security descriptor from an invalid GUID value. If the framework is catching it and handling it internally I wouldn’t worry about it.

    Tracing through the Framework code, here is one likely place that it happens:

    protected static bool IdentityClaimToFilter(string identity, string identityFormat, ref string filter, bool throwOnFail)
{
  if (identity == null)
    identity = "";
  StringBuilder filter1 = new StringBuilder();
  switch (identityFormat)
  {
    case "ms-guid":
      Guid guid;
      try
      {
        guid = new Guid(identity);
      }
      catch (FormatException ex)
      {
        if (throwOnFail)
          throw new ArgumentException(ex.Message, (Exception) ex);
        else
          return false;
      }
...

    Notice that it tries to create a new Guid, and if it fails, an exception is thrown, but the code swallows it and just returns false

    • 0