Why is `User.Identity.Name` `null` when running ASP.NET 6 project?

Question

I'm working on an app that's installed on-premise for our customers, so Windows Authentication is all we need. I'm currently updating the app from ASP.NET 4.8 to ASP.NET 6. When I run the app using the IIS Express launch profile, it works as I would expect, but when I run using the 'MyProject' launch profile, User.Identity.Name is null.

My launchsettings.json file:

{
"iisSettings": {
    "windowsAuthentication": true,
    "anonymousAuthentication": false,
    "iisExpress": {
        "applicationUrl": "http://localhost:42721"
    }
},
"profiles": {
    "MyProject": {
        "commandName": "Project",
        "dotnetRunMessages": true,
        "launchBrowser": true,
        "launchUrl": "/",
        "applicationUrl": "http://localhost:42721",
        "environmentVariables": {
            "ASPNETCORE_ENVIRONMENT": "Development"
        }
    },
    "IIS Express": {
        "commandName": "IISExpress",
        "launchBrowser": true,
        "launchUrl": "/",
        "environmentVariables": {
            "ASPNETCORE_ENVIRONMENT": "Development"
        }
    }
}

}

My Program.cs file:

using NLog;
using NLog.Web;
using System.Text.Json;

var logger = LogManager.Setup()
    .LoadConfigurationFromAppSettings()
    .GetCurrentClassLogger();
logger.Debug("init main");
    
var builder = WebApplication.CreateBuilder(args);

builder.Services
    .AddControllers()
    .AddJsonOptions(options =>
    {
        options.JsonSerializerOptions.DictionaryKeyPolicy = JsonNamingPolicy.CamelCase;
        options.JsonSerializerOptions.PropertyNamingPolicy = JsonNamingPolicy.CamelCase;
    });

builder.Services.AddDistributedMemoryCache();
builder.Services.AddSession(options =>
{
    options.IdleTimeout = TimeSpan.FromSeconds(60);
    options.Cookie.HttpOnly = true;
    options.Cookie.IsEssential = true;
});

// NLog: Setup NLog for Dependency injection
builder.Logging.ClearProviders();
builder.Logging.SetMinimumLevel(Microsoft.Extensions.Logging.LogLevel.Trace);
builder.Host.UseNLog();

// Add services to the container.

var app = builder.Build();

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseDefaultFiles();
app.UseStaticFiles();

app.UseSession();
app.UseRouting();
app.UseEndpoints(endpoints => endpoints.MapControllers());
app.MapControllers();

app.Run();

Why does the Windows Authentication work when I'm debugging using IIS Express but not when I'm using the 'MyProject' launch profile?

Answer 1

The following rows are important in your Program.cs:

builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
   .AddNegotiate(); // which used by microsoft.aspnetcore.authentication.negotiate nuget package
builder.Services.AddAuthorization(options =>
{
    // By default, all incoming requests will be authorized according to the default policy.
    options.FallbackPolicy = options.DefaultPolicy;
});
//after app intialization:
app.UseAuthentication();
app.UseAuthorization();

See this Microsoft link Configure Windows Authentication in ASP.NET Core (Noted by @RichardDeeming in the comments)