CODEWITHSUNDEEP
c#asp.netwindows-server-2008
Tassisto
Tassisto

Reputation: 10345

How to get current user who's accessing an ASP.NET application?

To get the current logged in user at the system I use this code:

string opl = System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString();

I work on an ASP.NET application where I need this information. So I've put my application on a server and tried the code above, and I get "Network Service" in the string opl. I need to know the current user of the PC who accesses my ASP.NET application.

Upvotes: 38

Views: 250599

Answers (8)

Robert
Robert

Reputation: 3302

If you're using membership you can do: Membership.GetUser()

Your code is returning the Windows account which is assigned with ASP.NET.

Additional Info Edit: You will want to include System.Web.Security

using System.Web.Security

Upvotes: 20

George
George

Reputation: 693

I ran in the same issue.

This is what worked for me:

Setting up Authentication in IIS Panel

Setting up Properties of Windows Authentication in IIS

Setting up Properties of Windows Authentication in IIS NTLM has to be the topmost

NTLM has to be the topmost. Further Web.config modifications, make sure you already have or add if these do not exist:

<system.web>

  <authentication mode="Windows" />
  <identity impersonate="true"/>

</system.web>

 <!-- you need the following lines of code to bypass errors, concerning type of Application Pool (integrated pipeline or classic) -->

<system.webServer>
   <validation validateIntegratedModeConfiguration="false"/>
</system.webServer>

See below a legit explanation for the two nodes and

Difference between <system.web> and <system.webServer>?

And, of course , you get the username by 

//I am using the following to get the index of the separator "\\" and remove the Domain name from the string
int indexOfSlashChar = HttpContext.Current.User.Identity.Name.IndexOf("\\"); 

loggedInWindowsUserName = HttpContext.Current.User.Identity.Name.Substring(indexOfSlashChar + 1);

Upvotes: 1

BruceK
BruceK

Reputation: 190

The general consensus answer above seems to have have a compatibility issue with CORS support. In order to use the HttpContext.Current.User.Identity.Name attribute you must disable anonymous authentication in order to force Windows authentication to provide the authenticated user information. Unfortunately, I believe you must have anonymous authentication enabled in order to process the pre-flight OPTIONS request in a CORS scenario.

You can get around this by leaving anonymous authentication enabled and using the HttpContext.Current.Request.LogonUserIdentity attribute instead. This will return the authenticated user information (assuming you are in an intranet scenario) even with anonymous authentication enabled. The attribute returns a WindowsUser data structure and both are defined in the System.Web namespace

        using System.Web;
        WindowsIdentity user;
        user  = HttpContext.Current.Request.LogonUserIdentity;

Upvotes: 1

Osanda Deshan Nimalarathna
Osanda Deshan Nimalarathna

Reputation: 83

You can simply use a property of the page. And the interesting thing is that you can access that property anywhere in your code.

Use this:

HttpContext.Current.User.Identity.Name

Upvotes: 7

peter_the_oak
peter_the_oak

Reputation: 3710

Don't look too far.

If you develop with ASP.NET MVC, you simply have the user as a property of the Controller class. So in case you get lost in some models looking for the current user, try to step back and to get the relevant information in the controller.

In the controller, just use:

using Microsoft.AspNet.Identity;

  ...

  var userId = User.Identity.GetUserId();
  ...

with userId as a string.

Upvotes: 3

Santiago Diaz
Santiago Diaz

Reputation: 283

Using System.Web.HttpContext.Current.User.Identity.Name should work. Please check the IIS Site settings on the server that is hosting your site by doing the following:

  1. Go to IIS → Sites → Your Site → Authentication

    IIS Settings

  2. Now check that Anonymous Access is Disabled & Windows Authentication is Enabled.

    Authentication

  3. Now System.Web.HttpContext.Current.User.Identity.Name should return something like this:

    domain\username

Upvotes: 26

BenCr
BenCr

Reputation: 6052

The quick answer is User = System.Web.HttpContext.Current.User

Ensure your web.config has the following authentication element. 

<configuration>
    <system.web>
        <authentication mode="Windows" />
        <authorization>
            <deny users="?"/>
        </authorization>
    </system.web>
</configuration>

Further Reading: Recipe: Enabling Windows Authentication within an Intranet ASP.NET Web application

Upvotes: 60

Deepak Kothari
Deepak Kothari

Reputation: 1753

The best practice is to check the Identity.IsAuthenticated Property first and then get the usr.UserName like this:

string userName = string.Empty;

if (System.Web.HttpContext.Current != null && 
    System.Web.HttpContext.Current.User.Identity.IsAuthenticated)
{
    System.Web.Security.MembershipUser usr = Membership.GetUser();
    if (usr != null)
    {  
        userName = usr.UserName;
    }
}

Upvotes: 11

Related Questions