Get Username for logged in user

Question

User956283708 posted
I am having trouble getting a logged in username to use on an intranet site. If I use User.Identity.Name.ToString I get a blank.

 If I use Environment.UserName.ToString  I get "Network Service".

If I run the application in debug locally I get the Domain\username but not when I run it on our intranet.

 

Thanks

 

Answer 1

User-990694832 posted

Check out

http://forums.asp.net/t/1169026.aspx

Hope this helps

DK

Answer 2

User956283708 posted

We are not using membership controls if that is what you are assuming. That forum thread seems to be using the membership class.

Answer 3

User-833064204 posted

It probably has to do with impersonation and IIS settings. When you develop, you probably have this in your web.config:

<identity impersonate="true"/>

<authentication mode="Windows"/>

 But when you move the app to production (on your intranet) you may need to comment these out, and configure IIS to use Windows Authentication and not allow anonymous users.

 

Answer 4

User113421904 posted

Hi,

In ASP.NET, please use User.Identity.Name to get the logon user. User.Identity.Name might be empty if Anonymous Authentication is enabled in IIS.

http://msdn.microsoft.com/en-us/library/system.web.httpcontext.user.aspx

Here is the logical to check if the identity is available.

VB.NET

' Gets the name if authenticated.
If User.Identity.IsAuthenticated Then
    Label1.Text = User.Identity.Name
Else
    Label1.Text = "No user identity available."
End If

C#

' Gets the name if authenticated.
if (User.Identity.IsAuthenticated)
    Label1.Text = User.Identity.Name;
else
    Label1.Text = "No user identity available.";

Environment.UserName is the running thread identity. If you have enabled Impersonation as Mark said, you can find out the returning result will be different. However this requires ASP.NET Impersionation. If you don't need ASP.NET Impersonation and dealing with the thread identity, you can ignore Environment.UserName if and just use User.Identity.Name.

Answer 5

User956283708 posted
Thank you, that seems to be the issue with IIS which I am working to change as I do get a "No user identity available" . What about the

Request.ServerVariables.Item("Auth_User") mechanism?

Will that operate under the same IIS rules?

Answer 6

User113421904 posted

Hi Ronhawker,

The server variable Auth_User is equivalent to User.Identity.Name when you are using Windows Authentication.

Answer 7

User956283708 posted

I have tried all of the following and still get no user identity. The application requirement got hot again so I am revisiting.

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)

'Label1.Text = Request.LogonUserIdentity.Name.ToString

'Label1.Text = HttpContext.Current.User.Identity.Name.ToString

'Label1.Text = Environment.UserName.ToString

'Label1.Text = Request.ServerVariables.Item("Auth_User")

' Gets the name if authenticated.

If User.Identity.IsAuthenticated Then

Label1.Text = User.Identity.Name

Else

Label1.Text = "No user identity available."

End If

End Sub

Answer 8

User-84138194 posted

i was also getting the same error.I did following things and it start working :)

Uncheck the Anonymous Access in IIS

Removed  <allow users="*"/> from Authorization section in web.config

 

Answer 9

User-48124152 posted

<authentication mode="Windows"/> <!--  <---- do you have this part? -->
        <authorization>
            <deny users="?"/>
        </authorization>

Answer 10

User-1399059949 posted

I'm also facing the same issue in my asp.net webservice and this is what I have in web.config file

<authentication mode="Windows" />
    <!--

Any help will be br greatly appreciated.

Answer 11

User-1086287804 posted

I am facing the same issue.

I want to have windows authentication. If a user is authenticated from the active directory, I check if the person is active in SAP. If the person is not active in SAP then I want to give them a login box to scan their employee card with ID on.Then I want to authenticate that with AD and then set them as the current HttpContext user.

 

Any help will be greatly appreciated.

Answer 12

User1623409651 posted

Hi,

Try the below

Dim User As System.Security.Principal.IPrincipal
User = System.Web.HttpContext.Current.User

 

Hope it helps

 

Best Regards 

Answer 13

User-1086287804 posted

I am using  c#. I have that code after the user login using the login window. Should I have windows authentication or form authenitication turned on in the web.config file. Currently I have windows authenitcation on.

Answer 14

User1285974379 posted

use the following , may be helpful

 

user =

this.Context.Request.LogonUserIdentity.Name

Answer 15

User-1921245745 posted

I have tried all above option with all combinations one by one and setting Anonymous user accedd to UNCHECK.

lblUserName.Text = this.Context.Request.LogonUserIdentity.Name;
lblUserName1.Text = User.Identity.Name;
lblUserName2.Text = Request.LogonUserIdentity.Name;

All this work but only problem is it asking me to login again while we access that site from sharepoint. I do not want it to ask for credentials again. Also I had observe  that, If I provide credentials again then it displays the  name of the user for whome we have provided credentials. So in that case some times the user actually logged in and displayed in our web part are different. Also If we do Sign In using Differernt user, the user name does not change.

Please provide any work around if you have.

Answer 16

User-1340885213 posted

Should I have windows authentication or form authenitication turned on in the web.config file. Currently I have windows authenitcation on.

 

It depends on your requirements. If you build an intranet Windows Authentication is fine.

Actually this thread starts from Windows Authentication and intranet question, so I felt it would be proper this answer here.

First of all : The Windows operating system has a role system built into it. This Windows security group system is an ideal system to use when you are working with intranet-based applications where you might have all users already in defined roles. This, of course, works best if you have anonymous authentication turned off for your ASP.NET application, and you have configured your application to use Windows Authentication.

 Secondly, when Windows authentication is in use, there are some limitations regarding username, Role etc. Why? Some limitations exist when using WindowsTokenRoleProvider. This is a read-only provider because ASP.NET is not allowed to modify the settings applied in the Windows security group system. This means that not all the methods provided via the RoleProvider abstract class are usable when working with this provider. From the WindowsTokenRoleProvider class, the only methods you have at your disposal are IsUserInRole and GetUsersInRole.

Thirdly, consider the authenticate mode:

<system.web>
<authentication mode="Windows|Forms|Passport|None">
</authentication>
</system.web>

Fourthly, which is what?

Windows authentication is used together with IIS authentication. Authentication is performed by IIS in the following ways: basic, digest, or Integrated Windows Authentication. When IIS authentication is complete, ASP.NET uses the authenticated identity to authorize access. This is the default setting.

On the contrary, in case of Forms authentication, Forms Requests that are not authenticated are redirected to an HTML form using HTTP client-side redirection. The user provides his login information and submits the form. If the application authenticates the request, the system issues a form that contains the credentials or a key for reacquiring the identity.

Lastly, to get back to the beginning, where this thread starts, if one uses Windows authentication for an intranet site, you need to check the IIS settings to get back Username later. So make sure your IIS authenticaton process is complete.

Best of luck to all.