locked
Lightswitch app pool identity shows as logged on user RRS feed

  • Question

  • I have a Lightswitch 3-tier web deployment and I'm stuck on the auth piece. I've played with IIS and tried every config I can think of, but after I publish to the web, it always shows the app pool identity as the user in the top/right side of the browser. The only way I can get the ID to "pass through" is to enable impersonation which I know isn't correct. Even with impersonation enabled, the Administration tab doesn't show with the ID I assigned as the administrator after the initial publish.

    Have you seen this? I've tried this on multiple deployments, re-read the guides, re-read the LightSwitch book auth chapter, still to no avail.

    Also, I find it curious that when I drop this code in a test.aspx it shows that my ID is indeed getting passed:

    <%= User.Identity.Name %>

    But when I put this in, it shows the app pool ID:

    <%= Environment.UserName %>

    It's like Lightswitch is reading the Environment.Username (which will always be the app pool) instead of the user being passed by IWA.

    What do you think is going on here? I've relegated to NTLM at this point to make it "easy" (abandoning Kerberos for now) and it still doesn't work.

    I have a great app that I'm ready to deploy, but I need to get security setup for it.

    Monday, November 4, 2013 6:03 PM

Answers

  • Hi oogabooga

    Deployment in IIS always is difficult, because there are so many hardware & software variables outside of LightSwitch that can affect publishing.

    You could follow the instructions in the post below,  the trace.axd will show some hints to troubleshoot,

    Diagnosing Problems in a Deployed 3-Tier LightSwitch Application (Eric Erhardt)

    At the same time you can also learn LightSwitch Authentication and Authorization here.

    Moreover, Azure Web Sites are configured properly, you can also consider publishing LightSwitch Apps to Azure,

    Regards


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place. <br/> Click <a href="http://support.microsoft.com/common/survey.aspx?showpage=1&scid=sw%3Ben%3B3559&theme=tech"> HERE</a> to participate the survey.

    • Marked as answer by Angie Xu Monday, November 25, 2013 2:09 AM
    Tuesday, November 19, 2013 8:16 AM

All replies

  • The fact that Environment.UserName provides the app pool identity is quite normal. 

     System.Security.Principal.WindowsIdentity.GetCurrent().Name would give also the app pool identity.

    Did you correctly specified Windows Authentication in the lightSwitch property screen?

    Is Windows auth enabled on your IIS ?

    Is everything working correctly when you use forms auth?


    paul van bladel

    Monday, November 4, 2013 6:34 PM
  • Hi oogabooga

    Deployment in IIS always is difficult, because there are so many hardware & software variables outside of LightSwitch that can affect publishing.

    You could follow the instructions in the post below,  the trace.axd will show some hints to troubleshoot,

    Diagnosing Problems in a Deployed 3-Tier LightSwitch Application (Eric Erhardt)

    At the same time you can also learn LightSwitch Authentication and Authorization here.

    Moreover, Azure Web Sites are configured properly, you can also consider publishing LightSwitch Apps to Azure,

    Regards


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place. <br/> Click <a href="http://support.microsoft.com/common/survey.aspx?showpage=1&scid=sw%3Ben%3B3559&theme=tech"> HERE</a> to participate the survey.

    • Marked as answer by Angie Xu Monday, November 25, 2013 2:09 AM
    Tuesday, November 19, 2013 8:16 AM