Get currently logged in user asp.net - asp.net

I´m having a bit of trouble and I would like to see if you all could help me out!
For my WebApp in ASP.net, I need to be able to get the user name.
I had been able to do it through:
user = Principal.WindowsIdentity.GetCurrent.Name.ToString on my developement machine, but when i go to production, it shows ASP.net as user...
I also tried with
user = Context.User.Identity.Name.ToString
and in dev station i get a blank string, and in production, I get "AppPool/ASP.net4.0
Any Ideas as to how i could get this working?
This WebApp is supposed to work in the Intranet.

make sure that you've enabled Windows Authentication in your web.config (check your .config.xxx transforms too). You should see this tag in your web.config:
<system.web>
...
<authentication mode="Windows" />
...
</system.web>

Related

How to enable Windows Authentication for Asp web app?

Windows Authentication seems super simple, but I am still having trouble. So I decided to create a brand new Asp web app project with the Windows Authentication template. Of course, this works. In the designer, <asp:LoginName runat="server" /> works, and in code-behind User.Identity.Name works.
The only setting I can find is in web.config: <authentication mode="Windows"/>.
Back to my own web app project, I verified that I have the same web.config setting. However, the asp.LoginName tag and the User.Identity property have a blank string, i.e., no user name. Also, when using <deny users="?"/>
the page returns a 401.2 Access Denied response.
As I am testing both projects on the same dev machine, both in VS2015, the problem cannot be in settings of IIS Express or VS2015. Also using the same Firefox browser, although I also tried IE.
Is there a project setting in VS2015 that I overlooked?
Update:
I kind of solved this issue by copying all project source files to the brand new Asp web app project. In fact, I was in the process of converting a Web Site project to a Web Application project. I still do not know why I could not get Windows Authentication to work by configuration, but at least I can get going with further development.
However, I am still hoping for an answer . . . :-)
On your Web.config you must add:
<authentication mode="Windows" />
Your server must be a member of AD.
Check:
https://support.microsoft.com/en-us/help/323176/how-to-implement-windows-authentication-and-authorization-in-asp-net
You can write whatever you want in web.config, but if the desired mode of authentication is not enabled in [solution]/.vs/config/applicationhost.config , it will not work. Because the leading dot makes this a hidden path, this config is hard to find. No idea if this is a bug or a feature ...
See also my other question on another test case of this problem: https://stackoverflow.com/a/48806942/1845672

ASPX Login Controls work on everyone's computer except mine

I'm using VSEW 2013 and running windows 10.
I created a login page (Login.aspx) and a signup page (SignUp.aspx). I used the standard controls and did not add any code behind to them. They are out of the box controls.
What works:
Creating an account on signup.aspx page
Validating user login on Login.aspx page
On my computer, after login, it shows that I didn't log in yet. But when my friends test it, they don't have any problems with it.
Here is a drop box link to all of the files and you can test it yourself and see that it works.
https://www.dropbox.com/sh/do3f533s0hacy4x/AADuWBbIBpaxDy7SIPG9_7s6a?dl=0
Username: kyle
password 123456
However, signup.aspx works (well it won't send you an email because I didn't do that yet) so you can create your own account.
I've tried:
Verified that cookies are enables
Disabled Antivirus
Disabled Firewall
Checked Windows Defender (it's off)
Tested in Chrome, Edge, and Firefox.
Deleted all localhost cookies.
I cannot figure out why my computer won't let me log in successfully but everyone else can.
Please help me solve this problem.
Looking at your web.config, for some odd reason this section is there:
<system.webServer>
<modules>
<remove name="FormsAuthentication" />
</modules>
</system.webServer>
This section coupled with the fact that your authentication mode is set to forms:
<system.web>
<authentication mode="Forms" />
...
</system.web>
Would make it so that authentication wouldn't work at all, which is like what your describing. Try removing that first section, if you want to keep using Forms Authentication.
It's odd that this configuration would work on other computers, I can't explain that, but I would try removing that section of code where FormsAuthentication is being turned off and see if that helps.

Issue getting ASP.Net and Windows Authentication working on IIS

I have a simple ASP.Net page with VB code running on WIN7 Enterprise VM with IIS 7.5 on which I need to get the visitors domain username on load and store it in a string variable.
The page is hosted internally on our domain and IIS is setup to authenticate anonymously.
I am getting the username with the following code: Environment.Username but of course it always says that the logged on user is IUSR
I installed the Windows Authentication component for IIS but don't know how to get it to work properly. I only started with ASP and IIS last month so I am very new to this. I only want this to apply to a specific folder so I selected it and enabled Windows Authentication, set it NTLM, and disabled Anonymous + ASP Impersenation. That didnt work. I think I tried every combination possible and all I am getting is either error 500, 404 because it tries to redirect to some login page which doesnt exist and sometimes I would get a username/password prompt but even then it wont accept anything
I dont want to prompt users, I just want to pass their existing logon info and open the page. Can someone please tell me how to set this up. I spent all day looking at hundreds of forums and sites and could not get it to work.
I also added the following to the web.config file:
<Identify impersonate="true" />
Thanks
Make sure you specify authorized users in web.config:
<authentication mode="Windows" />
<authorization>
<allow roles="mydomain\someADgroup"/>
<allow users="mydomain\somuser"/>
<allow users="*" /> <!-- if you want it open to anybody, as long as they are authenticated-- on the domain!>
</authorization>

HttpContext.Current.User.Identity.Name returns blank

I am using HttpContext.Current.User.Identity.Name to get the user name when the web application is in use. During development I was using my local iis, with integrated windows authentication enabled and anonymous access enabled and disabled, and I was able to get the username.
Now, when I publish the web application, it comes back blank. The setup on the published server is the same, and I have tried using Page.User.Identity.Name, which also returned blank.
Does anyone know why this is and how to fix it?
You probably had Anonymous Authentication on as well as Windows Authentication. Turn off Anonymous off.
So,
<system.web>
<authentication mode="Windows" />
</system.web>
In IIS config for the app,
look in Authentication tab
Set **Anonymous Authentication** to **Disabled** and
Set **Windows Authentication** to **Enabled**
This should work and the Identity.UserName should now show up properly.
HttpContext.Current.Request.LogonUserIdentity.Name always work for me in VS 2012 environment and IIS 7
To solve the problem, you have to enable the Windows Authentication feature. Follow the below steps:
-Click Start, and then click Control Panel. Open the Programs group.
-Under Programs and -Features, click Turn Windows Features on or off.
-Expand the item labeled Internet Information Services.
-Expand the item labeled World Wide Web Services.
-Expand the item Security ->
Make sure to select Windows Authentication
Also you need to disable Anonymous Authentication from the IIS as follows:
-Click on your application in IIS
-Double click Authentication under IIS group
-Click on Anonymous Authentication
-Click on Disable on the right side under Actions.
Hope this helps
When working with WIF you should use Thread.CurrentPrincipal.Identity.Name instead of User.Identity.Name.
Read more here: http://msdn.microsoft.com/en-us/magazine/ff872350.aspx to learn more about Windows Identity Foundation
Similar question: User.Identity.Name is null after authenticate via WIF
set <authentication mode="Forms"> in web.config file & Your Problem Will solve.
Test your web-site by using below code
if (Page.User.Identity.Name != "" )
{
Label1.Text = "Hello";
}
else
{
Response.Redirect("login.aspx?url=Upload.aspx");
}
This will not solve the original post, but want to put this here anyways in case others stumble across this when searching for why user.identity is returning nothing...
In my case User.Identity started returning nothing after updating a users ad username (specifically the pre-windows 2000 username).
The LSA cache on IIS was the issue. Even after restarting the IIS server while troubleshooting the issue persisted. It was not until adding the registry setting outlined here the the issue was fixed:
https://support.microsoft.com/en-us/help/946358/the-lsalookupsids-function-may-return-the-old-user-name-instead-of-the
For a blank return, my solution ended up being the web.config. I'm using Visual Studio 2010, and the default web.config did not work. I replaced it with a nearly empty web.config and then success! Perhaps the default vs2010 web.config called too many references or configured the IIS incorrectly for the use of User.Identity.Name. My system is Windows7.
Default asp.net web site web.config from vs2010 was about 100-115 lines long. As you can see below the nearly empty web.config is about 20 lines long.
the web.config that i used:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<authentication mode="Windows" />
<authorization>
<allow roles="Doman Name\Group Name" users="" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<security>
<authorization>
<add accessType="Allow" users="" roles="Doman Name\Group Name" />
</authorization>
</security>
</system.webServer>
</configuration>
In IIS: click on your Site.
In Home Page: Authentication.
In Action menu: Open Feature.
Disable Anonymous Authentication.
Restart Site.
steps 1,2,3
step 4

Getting the UserName in MVC3 "internet" application using User.Identity.Name

I've been getting an empty string whenever I try to retrieve the logged in username in my controller. When I first created the app, I selected 'Internet application' template. I also deleted the default account controller, account models and _logon views as I didn't need them. I'm using my own styling, so I removed site.css from the project as well.
After playing around with the web.config for a while, I figured out that "User.Identity.Name" actually works if I change the authentication mode in web.config to windows. If I leave it on 'forms' authentication mode, I only get an empty string whenever I try to get the username.
Recently, I changed the authentication mode to Windows and used User.Identity.Name in one of my controllers to get the user name, but whenever I run the app, I get an error on the browser, stating "localhost/Account/LogOn/..." is not found. (not directing to my usual view) ( I didn't make any changes in Global.asax either.)
If I change the authentication mode back to forms, my view works fine, but I don't get to see the user name (just an empty string). Is there anyway I can find a way around this problem. Is there anything wrong with routing or something ? I can't afford to start over again using "intranet Application" template.
I'm a beginner in MVC, so any help would be greatly appreciated.
Thanks
If you are using asp.net mvc, try System.Environment.UserName
inside your web.config, use
<authentication mode="Windows" />
<identity impersonate="true" />
The error you are getting is because you removed a logon view it still must be refered to somewhere within your application, so if you don't need the logon view, make sure you remove all refences to it from you code.
Internet applications works per default with forms authentication. The purpose of Windows authentication is for intranets, where the web application runs under a windows user. Then the authentication works "automatically".
If you want to have an internet application with registered users, you should put the following configuration in web.config:
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>
Then you need an AccountController (was there in the default template and you have probably deleted) and a Logon action within the controller. You also need all the views of the account controller (logon, register, change password etc.). The best would be you create a new internet application and check everything that's there. Just copy the stuff you need into your application.
You also need a user database. The default uses an express database with standard tables and stored procedures. If needed, you can use your own tables, then you have to rewrite the methods in the account controller or write your own membership provider.
The reason why you don't see a user name is because you have no login.
EDIT: If you want to display the Windows user name, you should set the authentication mode to windows (or just delete the authentication section, as it is the default). Then you can access the user name. But you will have to delete the tag.
<authentication mode="Windows" />
Sounds like you aren't even authenticating first, so there is no username:
#if (Request.IsAuthenticated) {
<span>#User.Identity.Name</span>
}
else {
<span>You aren't authenticated</span>
}

Resources