Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to get Windows user name when identity impersonate="true" in asp.net?

I'm creating an intranet asp.net mvc application that everyone in the company should have access to. I need to run the website impersonated for database access etc., but I want to know who each user is.

When I look at Page.User.Identity.Name it's blank. Is it possible to get the user's windows account name even though the site is running impersonated?

Edit: Here's a little more info. I have a site in IIS 6 running with anonymous access enabled. The site is running under a system account that has access to the database (because all of the employees do not have access to the database).

My web.config has <authentication mode="Windows" /> and <identity impersonate="true"/>

My goal is that the users won't have to log in - that fact that they are logged into our network (and the fact that the site is not on an external IP) is enough authentication. I would just like to know who the user is in order to track changes they make, etc.

like image 327
MrDustpan Avatar asked Aug 12 '09 15:08

MrDustpan


People also ask

How do I fix system Web identity impersonate is set to true?

web/identity@impersonate is set to true. Things you can try: If the application supports it, disable client impersonation. If you are certain that it is OK to ignore this error, it can be disabled by setting system.

How will you implement impersonation in ASP.NET application?

Impersonate a specific user for all requests of an ASP.NET application. The identity of the process that impersonates a specific user on a thread must have the Act as part of the operating system privilege. By default, the Aspnet_wp.exe process runs under a computer account named ASPNET.

How do I impersonate a user in C#?

To impersonate the IIS authenticating user on every request for every page in an ASP.NET application, we must include an <identity> tag in the Web. config file of this application and set the impersonate attribute to true.

Where do you put identity impersonate true in web config?

In the application's Web. config file, set the impersonate attribute in the identity element to true. Set the NTFS access control list (ACL) for the ManagerInformation directory to allow access to only those identities that are in the Windows Manager group and any required system accounts.


4 Answers

With <authentication mode="Windows"/> in your application and Anonymous access enabled in IIS, you will see the following results:

System.Environment.UserName: Computer Name
Page.User.Identity.Name: Blank
System.Security.Principal.WindowsIdentity.GetCurrent().Name: Computer Name 

With <authentication mode="Windows"/> in your application, and ‘Anonymous access’ disabled and only ‘Integrated Windows Authentication’ in IIS, you will see the following results:

System.Environment.UserName: ASPNET (user account used to run ASP.NET service)
Page.User.Identity.Name: Domain\ Windows Account Name 
System.Security.Principal.WindowsIdentity.GetCurrent().Name: Computer Name\ASPNET

With <authentication mode="Windows"/> and <identity impersonate ="true"/> in your application, and ‘Anonymous access’ disabled and only ‘Integrated Windows Authentication’ in IIS, you will see the following results:

System.Environment.UserName: Windows Account Name 
Page.User.Identity.Name: Domain\ Windows Account Name 
System.Security.Principal.WindowsIdentity.GetCurrent().Name: Domain\ Windows Account Name
like image 55
gokul Avatar answered Sep 29 '22 13:09

gokul


try this

System.Security.Principal.WindowsIdentity.GetCurrent().Name

It should return a string with the users login name

like image 27
Gavin Avatar answered Sep 27 '22 13:09

Gavin


I just wanted to post my fix, because no one else had said anything about it.

I was having the same issue when I published the site to the server, but not on my local. All the settings were the same. However, in IIS the "Default Website" had never been turned off. It was running and intercepting traffic, even though there was no site associated with it. Anonymous Authentication was turned on in the default, but turned off in my website running under port 80. It didn't seem to matter that my site had it turned off... since the default was turned on it was turned on for all traffic to port 80.

Disabling the default web fixed the issue. Also changing the port to 8080 works.

I hope this helps someone.

like image 41
Kelly R Avatar answered Sep 30 '22 13:09

Kelly R


Unless this functionality has changed under the MVC framework, and I don't think it has, Page.User.Identity.Name should still work. Sounds like your site is set up to allow anonymous authentication. If so, try disabling it.

like image 27
Ryan Avatar answered Sep 30 '22 13:09

Ryan