33
votes

I want to get user name using Windows authentication

Actually I implemented "Sign in as different user",when click this button Windows security will appear there we can give credentials.

In that time if I give some other credential it is taking current user name only. How to get that given credential user name from windows security?

Host application in IIS then anonymous authentication has disabled and windows authentication was enabled.

web.config:

<system.web>
    <compilation debug="true" targetFramework="4.0" />
  <identity impersonate="true"/>
  <authorization>
      <allow users="*"/>
      <deny users="*"/>
  </authorization>
</system.web>
<system.webServer>
    <directoryBrowse enabled="true" />
    <security>
        <authentication>
            <anonymousAuthentication enabled="false" />
            <windowsAuthentication enabled="true" />
        </authentication>
    </security>

.cs

Here I am getting the default User name always

string fullName = Request.ServerVariables["LOGON_USER"];

Any ideas? Thanks in advance

8

8 Answers

37
votes

You can get the user's WindowsIdentity object under Windows Authentication by:

WindowsIdentity identity = HttpContext.Current.Request.LogonUserIdentity;

and then you can get the information about the user like identity.Name.

Please note you need to have HttpContext for these code.

37
votes

These are the different variables you have access to and their values, depending on the IIS configuration.

Scenario 1: Anonymous Authentication in IIS with impersonation off.

HttpContext.Current.Request.LogonUserIdentity.Name    SERVER1\IUSR_SERVER1 
HttpContext.Current.Request.IsAuthenticated           False                    
HttpContext.Current.User.Identity.Name                –                        
System.Environment.UserName                           ASPNET                   
Security.Principal.WindowsIdentity.GetCurrent().Name  SERVER1\ASPNET

Scenario 2: Windows Authentication in IIS, impersonation off.

HttpContext.Current.Request.LogonUserIdentity.Name    MYDOMAIN\USER1   
HttpContext.Current.Request.IsAuthenticated           True             
HttpContext.Current.User.Identity.Name                MYDOMAIN\USER1   
System.Environment.UserName                           ASPNET           
Security.Principal.WindowsIdentity.GetCurrent().Name  SERVER1\ASPNET

Scenario 3: Anonymous Authentication in IIS, impersonation on

HttpContext.Current.Request.LogonUserIdentity.Name    SERVER1\IUSR_SERVER1 
HttpContext.Current.Request.IsAuthenticated           False                    
HttpContext.Current.User.Identity.Name                –                        
System.Environment.UserName                           IUSR_SERVER1           
Security.Principal.WindowsIdentity.GetCurrent().Name  SERVER1\IUSR_SERVER1 

Scenario 4: Windows Authentication in IIS, impersonation on

HttpContext.Current.Request.LogonUserIdentity.Name    MYDOMAIN\USER1
HttpContext.Current.Request.IsAuthenticated           True          
HttpContext.Current.User.Identity.Name                MYDOMAIN\USER1
System.Environment.UserName                           USER1         
Security.Principal.WindowsIdentity.GetCurrent().Name  MYDOMAIN\USER1

Legend
SERVER1\ASPNET: Identity of the running process on server.
SERVER1\IUSR_SERVER1: Anonymous guest user defined in IIS.
MYDOMAIN\USER1: The user of the remote client.

Source

7
votes

This should work:

User.Identity.Name

Identity returns an IPrincipal

Here is the link to the Microsoft documentation.

3
votes

It depends on the configuration of the application as well as on IIS as this gentleman in the below link has rightfully explained. Please see his article below

http://richhewlett.com/2011/02/15/getting-a-users-username-in-asp-net/

1
votes

You can read the Name from WindowsIdentity:

var user = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
return Ok(user);
0
votes

I think because of the below code you are not getting new credential

string fullName = Request.ServerVariables["LOGON_USER"];

You can try custom login page.

0
votes

Username you get like this:

var userName = HttpContext.Current.Request.LogonUserIdentity?.Name;
-1
votes

declare below code in your View page / _Layout.cshtml:

@using System.DirectoryServices.AccountManagement

@{
    var context = new PrincipalContext(ContextType.Domain);
    var principal = UserPrincipal.FindByIdentity(context, User.Identity.Name);
    var userName = @principal.GivenName + " " + @principal.Surname;
}