IIS - Capture user logged on machine without using Windows authentication

Question

IIS - Capture user logged on machine without using Windows authentication

Navigation

#1 by (0 votes)

0

I have a site that uses the user logged in to the computer to validate which features it will have access to within the site. To capture the user logged in to the machine I am using the code below, I had to change the authentication of IIS for Windows Authentication, however it is requesting username and password when accessing the site for the first time.

string userNameWindows = this.Context.Request.LogonUserIdentity.Name;

How do I capture the user logged in to the machine without requesting login / password on the first access.

c# iis

asked by anonymous 26.12.2017 / 16:50

1 answer

Force javascript file update without disabling cache Error with vectors c # / {"Object reference not set to an instance of an object."}

score 0 · Accepted Answer

If you want to check the Windows user with Forms Authentication, you can use this code:

System.Security.Principal.WindowsIdentity.GetCurrent().Name.Tostring()

But it is not safe. Easily the value of this method will be NT AUTHORITY \ SYSTEM or the user configured to run the application in IIS. This is because authentication is with the impersonate property enabled.

Also try this code:

System.Security.Principal.WindowsPrincipal user;
user = new WindowsPrincipal(this.Request.LogonUserIdentity);
this.Request.LogonUserIdentity.Impersonate();
user_name = user_name.Substring(user_name.LastIndexOf("\") + 1);

If none of the cases helps you, take a look at this link in English: link