CODEWITHSUNDEEP
asp.netsecurity
flesh
flesh

Reputation: 23935

How to find out which account my ASP.NET code is running under?

I am getting an 'Access to the path is denied" error message when running in debug mode. I have tried granting permissions to {MACHINENAME}\ASPNET and to NETWORK SERVICE but this hasn't made any difference. I have also tried < impersonate = true /> using an admin account, this also made no difference. So how do I establish exactly which account is being used?

Upvotes: 16

Views: 21929

Answers (4)

manju
manju

Reputation: 1

strint t=System.Web.Security.Membership.GetUser().UserName.ToString();

Upvotes: -3

Adam
Adam

Reputation: 2122

C# Code for the vb.net answer

var user = System.Security.Principal.WindowsIdentity.GetCurrent().User;
var userName = user.Translate(typeof (System.Security.Principal.NTAccount));

Upvotes: 15

splattne
splattne

Reputation: 104040

You could use this code:

C#

Response.Write("Windows Account which runs ASP.NET is: " 
   + Environment.Username);

VB.NET

Response.Write("Windows Account which runs ASP.NET is: " _
   & Environment.Username)

If you run your application in Visual Studio on your PC (localhost) you'll get your user name. If you deploy ASP.NET web application on IIS, you will probably get the NETWORK SERVICE account, because that is default user running IIS 6.0 (ASPNET on Windows Server 2000's IIS 5.0).

Environment.UserName returns the thread's currently logged-on user. Page.User returns the name that ASP.NET verifies through Authentication and this user in most cases is independent of the Windows logon that is running the current thread. For anonymous requests Page.User is blank, while Environment.User will be NETWORK SERVICE.

As mdb correctly points out in a comment to this answer, Environment.Username will simply return the USERNAME environment variable, which is set on process creation and not updated in case of impersonation and such.

Upvotes: 8

mdb
mdb

Reputation: 52819

To find out which NT account your app is running under at any given time, do something like (in VB.NET):

    Dim User = System.Security.Principal.WindowsIdentity.GetCurrent.User
    Dim UserName = User.Translate(GetType(System.Security.Principal.NTAccount)).Value

When using ASP.NET, this account will match the identity of the application pool, which you configure using IIS Manager. Note that the anonymous IIS user isn't much involved with ASP.NET requests.

Upvotes: 14

Related Questions