Results 1 to 5 of 5

Thread: [RESOLVED] HttpContext.Current.User.Identity.Name

  1. #1

    Thread Starter
    Frenzied Member zuperman's Avatar
    Join Date
    Dec 2000
    Location
    Portugal
    Posts
    1,033

    Resolved [RESOLVED] HttpContext.Current.User.Identity.Name

    I have been trying to perform security validation in a page using the credentials of the domain users ...
    However, when I try to get the value in
    Code:
    HttpContext.Current.User.Identity.Name
    is always returned blank.

    PS: When I run the code in the IDE is returned "domain\user" ... but when the page is hosted on a IIS server, the returned value is always blank.

    Any help? Thx in advance.
    Greetings

  2. #2

    Thread Starter
    Frenzied Member zuperman's Avatar
    Join Date
    Dec 2000
    Location
    Portugal
    Posts
    1,033

    Re: HttpContext.Current.User.Identity.Name

    by the way... What I want to do is ensure that a page can be accessed only by certain users, using the web.config... something like this
    Code:
    		<location path="default1.aspx">
    		<system.web>
    		<authorization>
                            <allow users ="domain\user2" />
                            <allow users ="domain\user1" />
    			<deny users ="*" />
    		</authorization>
    		</system.web>
    		</location>
    i used
    Code:
    System.Security.Principal.WindowsIdentity.GetCurrent().Name
    and this code returns the identity of the IIS Aplication Pool (NETWORK SERVICE)... and not the current User.

    My IIS is configured allowing Anonymous Access, with Integrated Windows Authentication...

    So, the question is: How to validate access to a page using the web.config settings for users who are in a domain?

  3. #3

    Thread Starter
    Frenzied Member zuperman's Avatar
    Join Date
    Dec 2000
    Location
    Portugal
    Posts
    1,033

    Re: HttpContext.Current.User.Identity.Name

    After some research I finally found an answer that solved my problem. I removed the anonymous access in IIS and in web.config added the following:
    Code:
    <authentication mode="Windows"/>
    <identity impersonate="true"/>
             <authorization>
                 <allow users ="krypton\zuperman" />
                 <deny users ="*" />
             </ authorization>
    I tested using the following code:
    Code:
    Imports System.Security
    
        Protected Sub Page_Load (ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
             As String Dim authUserName
             As String Dim aspUserName
             authUserName = User.Identity.Name
             aspUserName = Principal.WindowsIdentity.GetCurrent.Name
             authUserPrincipalLabel.Text = "You are" & authUserName
             aspPrincipalLabel.Text = "This page runs as:" & aspUserName
         End Sub
    Both labels returns the current user...

    When I try to enter a user that is not set to access in the web.config, IIS shows the access denied error ... exactly how it should do.

    I hope I have solved my problem, however, like to keep the topic open to see if I can get other opinions...

    Thx

  4. #4
    PowerPoster gep13's Avatar
    Join Date
    Nov 2004
    Location
    The Granite City
    Posts
    21,963

    Re: HttpContext.Current.User.Identity.Name

    Hey,

    Looks like you got the answer, that I was just in the process of typing (only just read your last post) and what you have is perfectly valid.

    Gary

  5. #5

    Thread Starter
    Frenzied Member zuperman's Avatar
    Join Date
    Dec 2000
    Location
    Portugal
    Posts
    1,033

    Re: HttpContext.Current.User.Identity.Name

    Resolved

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width