IIS Authentication vs. WindowsIdentity

Steve Lynch · Sep 2, 2006

Why do I get different results from WindowsIdentity.GetCurrent().Name than what
is defined for authentication on the IIS virtual directory? For example in IIS6
I have the VD set to Windows Integrated Authentication only, yet the property
WindowsIdentity.GetCurrent().Name or WindowsIdentity.GetCurrent(false).Name
contains "NT AUTHORITY\NetworkService". The server variables seem wrong,
AUTH_USER and REMOTE_USER are empty, but LOGON_USER contains the correct
DOMAIN\USER info.

This seems different than traditional .ASP pages under IIS6.

Thanks.

Joe Kaplan · Sep 2, 2006

Context.User will always contain the authenticated user in ASP.NET.
Context.User is just an IPrincipal (which can be a WindowsPrincipal), so
that it can accomodate other types of authentiation mechanisms like Forms
and such.

WindowsIdentity.GetCurrent will only be the authenticated user in IIS if you
enable impersonation (<identity impersonate="true"/> in web.config).
Impersonation is disabled by default in ASP.NET. This is different from
ASP, which always impersonated and gave you no flexibility in this regard.

If you enable impersonation, Context.User.Identity and
WindowsIdentity.GetCurrent will be the same thing (assuming you are using
Windows auth in ASP.NET and IIS of course).

HTH,

Joe K.

Problem running .IsInRole XP vs 2003	0	Jun 24, 2009
Impersonation using WindowsIdentity( upn ) ctor	6	Feb 22, 2005
Prob: Connecting to MSSQL using windows authentication	7	Apr 20, 2009
No authentication with Server.Transfer("url")	1	Oct 24, 2006
Impersonation with SQL Server SSPI	3	Feb 23, 2010
IIS and FQDN authentication confusion	6	Oct 11, 2005
Authentication pb with IIS7, II7.7	4	Sep 6, 2009
problems understanding Authentication / Authorisation in ASP.NET 2.0.	0	Aug 26, 2008

IIS Authentication vs. WindowsIdentity

Steve Lynch

Joe Kaplan

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads