User.Identity.Name with windows authentication

Question

I have a very simple partial view in my header called AccountInfoPanel. It only has one line:

Welcome: @HttpContext.Current.User.Identity.Name

And in my Web.Config I have

<authentication mode="Windows" />

But the identity name is always empty. If I debug through VS 2012, and break on the index action, I see it is empty.

If I run it through IIS with Windows Authentication Enabled and Anonymous Authentication diabled, I get a challenge. So I try to plug in My account or a test1 and test2 account. It comes back and says:

HTTP Error 401.1 - Unauthorized You do not have permission to view this directory or page using the credentials that you supplied.

I also tried setting Impersonation to true and get the same response from the challenge. Does anyone know how to set this up?

And if all the setup has to done in IIS, how do you debug your code within Visual Studio?

One other question. My boss seems to think you don't even need a login box. IE would just know who you are. And you could "run as" in IE with a different account.

Answer 1

The correct way to get the name by WindowsPrincipal. I am giving you the demo code below

WindowsPrincipal wp = new WindowsPrincipal(WindowsIdentity.GetCurrent());

string username = wp.Identity.Name;

Answer 2

I know this is an old question, but since it's not answered maybe someone could use my tip. I've been struggling with such an issue for some time and finally, I've discovered that one needs to have URL Authorization installed in order to make it work.

Navigate to the windows features and install the following feature:

Web Server (IIS) -> Web Server -> Security -> URL Authorization

I've also restarted IIS just in case, but I'm not sure if it's needed.

Answer 3

Visual Studio installs IIS Express to serve web applications, so you have to configure it to use Windows Authentication.

Configuration file for IIS Express is usually here (more info: Where is the IIS Express configuration / metabase file found?):

%userprofile%\documents\iisexpress\config\applicationhost.config

Disable Anonymous authentication (enabled by default):

<anonymousAuthentication enabled="false" userName="" />

Enable Windows Authentication (disabled by default):

<windowsAuthentication enabled="true">
   <providers>
     <add value="Negotiate" />
     <add value="NTLM" />
   </providers>
</windowsAuthentication>

Answer 4

To solve the problem, you have to enable the Windows Authentication feature. Follow the below steps:

-Click Start, and then click Control Panel. Open the Programs group. -Under Programs and -Features, click Turn Windows Features on or off. -Expand the item labeled Internet Information Services. -Expand the item labeled World Wide Web Services. -Expand the item Security -> Make sure to select Windows Authentication

Also you need to disable Anonymous Authentication from the IIS as follows: -Click on your application in IIS -Double click Authentication under IIS group -Click on Anonymous Authentication -Click on Disable on the right side under Actions. Hope this helps

Answer 5

Check one of possible issues on my checklist

http://netpl.blogspot.com/2012/06/iis-75-integrated-security-with-no.html

In short:

First, make sure that Anonymous Authentication is turned OFF for the site:

Second, enable integrated security in Interner Explorer (Options/Advanced and checkin the “Enable Integrated Windows Authentication” option).

Third, add your website to Local Intranet zone and select at least “Automatic logon only in Intranet Zone” option under Options/Security Settings/Local intranet/Custom level).

Fourth, make sure the user and application server are in the same domain.