Hi Daniel,

I noticed that you have opened a Support ticket on the same issue. We have answered there. I will summarize our reply also here for the benefit of our community.

With the older versions, each request was processed in a new thread. That's why each user's requests were under his/her identity. However, this way in some cases there were too many threads created server-side, which resulted occasionally in blocking the server.

With the recent versions, starting from 12.0.18.416, we introduced a dedicated rendering thread queue with a configurable count of threads for the REST Service. The thread queue is created once, upon initialization, e.g. under the user's account that has logged first. Thus, all these threads have the same identity, hence System.Threading.Thread.CurrentPrincipal.Identity is the same user in the context of the Report rendering threads.

Note that with this change we have introduced a new object UserIdentity. It gets the current user from the UI thread and passes its information to the Report rendering thread. The Context property is a Dictionary that may be used to pass any (serializable) information from the UI thread. For a sample, you may check How to use information from HttpContext in Custom Report Resolver KB article. Generally, you need to override the GetUserIdentity method of the ReportsController and fill the Context dictionary there, if you need additional information that is not passed by default.

With the above information in mind, we consider the observed change in the behavior as an improvement in the REST service and not a bug. For that reason, I will mark this bug report as Declined.

Regards,
Todor
Progress Telerik