I have the following code to verify if the user has access to the application or not. Problem is System.Web.HttpContext.Current.User.Identity.Name
returns empty. I checked. What could be the problem? My other application uses the same code snippet and it works there. Why is this happening?
string username = System.Web.HttpContext.Current.User.Identity.Name;
string str = "SELECT LASTNAME +', '+ FIRSTNAME AS NAME, USER_NAME, DEPARTMENT FROM DBNAME.DBO.TABLENAME WHERE USER_NAME = '" + username + "' ";
SqlCommand cmd = new SqlCommand(str, conn);
SqlDataReader rdr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
if (rdr.HasRows == false)
{
Server.Transfer("unauthorized.htm");
}
else
{
while (rdr.Read())
{
name = rdr["NAME"].ToString();
username = rdr["USER_NAME"].ToString();
dept = rdr["DEPARTMENT"].ToString();
}
}
It looks like you have an anonymous user. If you don't want to allow anonymous users, add the following to web.config:
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With