locked
IUSR coming as Login instead of actual username RRS feed

  • Question

  • User-2083393036 posted

    Hi experts,

    I am very new to Asp.net programming.This may be a very silly and simple question.

    Created a simple web application and published in IIS, When running the application from local, it is running successful. After i published in to IIS. the login name is coming as IUSR instead of actual window login.

    Code snippet used for Login user:-

    String windowsIdentity= System.Security.Principal.WindowsIdentity.GetCurrent().Name;

    Your inputs will help me really.

    Thanks in advance.

    Tuesday, April 10, 2018 5:24 PM

Answers

  • User753101303 posted

    A bit unclear. I assume you mean that it works fine except for getting the user name on the server side ?

    You'll never be able to get that if you keep using "anonymous authentication" (which means authentication information is not required so the browser doesn't bother to send that).

    If using Windows authentication (which is precisely intended for "intranet applications") this authentication information is sent automatically to all web sites found in the same "intranet zone" and you won't see any popup (at least for IE and Chrome, FF might require a configuration to enable this).

    Edit:  a bit old you have a check list at https://support.microsoft.com/en-us/help/258063/internet-explorer-may-prompt-you-for-a-password

    For now it likely fails at step 1 as "anonymous authentication" is still enable and attempted first.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, April 10, 2018 11:22 PM

All replies

  • User475983607 posted

    User.Identity.Name

    Tuesday, April 10, 2018 5:32 PM
  • User753101303 posted

    Hi,

    Use User.Identity.Name instead. It is always the authenticated user regardless of which authentication method is used (if blank and IsAuthenticated is false, web site authentication is not correctly configured).

    What you are using now *could* be sometimes the value you want but it highly depends on other unrelated site configuration choices. Strictly speaking it is just the Windows account under which your server side code runs. It appears to work locally  as typically the code runs under your own account in a dev environment.

    Tuesday, April 10, 2018 5:49 PM
  • User-2083393036 posted

    It is coming blank,

    HttpContext.Current.User.Identity.Name;

    Tuesday, April 10, 2018 5:58 PM
  • User753101303 posted

    I assume you want to use "Windows authentication"? For now you are still using "Anonymous authentication". See https://www.codeproject.com/Tips/723357/Enabling-SSL-with-IIS-Express-in-Visual-Studio . This article is for SSL but note that the same window allows to disable "Anonymous authentication" and enable "Windows authentication" (it should update your web.config file).

    Or see https://www.c-sharpcorner.com/UploadFile/4b0136/introducing-various-authentication-options-in-visual-studio/ for details about other options. 

    Tuesday, April 10, 2018 8:22 PM
  • User-2083393036 posted

    Hi PatriceSc,

    I tried variable option, I missing to connect the dots. Here the IIS setting and web config details

    IIS Setting:

    Anonymous Authentication : Enabled, Edit:-> Anonymous  user identity -> Specific User-> Domain/Username

    Asp.Net Impersonation: Enabled, Edit -> Identity to impersonate -> Specific user-> Domain/Username

    C# code to get username:-

     String windowsIdentity = HttpContext.Current.User.Identity.Name;
    <identity impersonate="true" password="Password" userName="Domain\Username" />

    Please help me with your thoughts.
    Tuesday, April 10, 2018 9:07 PM
  • User753101303 posted

    On the IIS side this is https://docs.microsoft.com/en-us/iis/configuration/system.webserver/security/authentication/windowsauthentication/#how-to

    ie "Anonymous Authentication" should be "Disabled" and enable "Windows authentication". If "Windows authentication" is not shown in the list, it needs to be "installed" (also explained earlier in the above link).

    Tuesday, April 10, 2018 9:50 PM
  • User-2083393036 posted

    Hi, We don't want to enable "Window authentication" as it is Intranet application. We don't to pop up windows login every time.  Eveything working fine, I am not able to bring the Window username without window authentication.

    Tuesday, April 10, 2018 10:01 PM
  • User753101303 posted

    A bit unclear. I assume you mean that it works fine except for getting the user name on the server side ?

    You'll never be able to get that if you keep using "anonymous authentication" (which means authentication information is not required so the browser doesn't bother to send that).

    If using Windows authentication (which is precisely intended for "intranet applications") this authentication information is sent automatically to all web sites found in the same "intranet zone" and you won't see any popup (at least for IE and Chrome, FF might require a configuration to enable this).

    Edit:  a bit old you have a check list at https://support.microsoft.com/en-us/help/258063/internet-explorer-may-prompt-you-for-a-password

    For now it likely fails at step 1 as "anonymous authentication" is still enable and attempted first.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, April 10, 2018 11:22 PM
  • User-2083393036 posted

    Thanks for your time PatriceSc. Finally resolved.!!!

    Wednesday, April 11, 2018 8:39 AM