Security

Re: Windows authentication shows wrong user name

elmonty — Fri, 13 Jan 2006 04:06:44 GMT

The problem was my fault. Don't use static member variables. They are not specific to a single user session.

Re: Windows authentication shows wrong user name

mikaelk — Wed, 11 Jan 2006 09:11:18 GMT

Hi!

I have the same problem that I am promted to enter username/password/domain, but if I enter that, everything works fine.

The difference might be that I get the username another way than you, I use:

System.Security.Principal.WindowsIdentity.GetCurrent().Name

in order to get the logged in users name. You can always try and see if this helps you with question 2.

BR / Mikael

Re: Windows authentication shows wrong user name

thinhhangdieu — Tue, 10 Jan 2006 03:44:34 GMT

Me too, who can explain me this problem.
Please, I'm really need your help.
Thank you
thinhhangdieu@yahoo.com

Re: Windows authentication shows wrong user name

elmonty — Tue, 27 Dec 2005 22:24:33 GMT

Here's some more info:

If nobody accesses the site, then I access it and log in, it shows my correct ID. But if another person then accesses the site, they see MY name. A few minutes later, if a third person accesses the site, they see the second person's name.

PLEASE HELP!

Windows authentication shows wrong user name

elmonty — Tue, 27 Dec 2005 19:42:24 GMT

I'm using windows authentication on an intranet to identify users to the application. I'm having the following problems:

1. When someone accesses the web site, a logon dialog box shows up. I thought if the user is already logged on, this shouldn't happen.

2. Even if I type my user name and password into the dialog box, the web site lets me in but shows somebody else's user name. It's as if the web site remembers the last person that accessed it.

I have session state disabled for this virtual directory in IIS.

I have both Integrated Windows authentication and Digest authentication enabled in IIS.

My web.config looks like this:

<authentication mode="Windows" />
<identity impersonate="true" />

I am retrieving the user name in the web application in a standalone class:

using System;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Text;

namespace timesheets
{
     /// <summary>
     /// Summary description for RoleCheck.
     /// </summary>
     public class RoleCheck
     {
          private static string _userid = "";

          public static string UserID()
          {
               if (_userid == "")
               {
                    string name = HttpContext.Current.User.Identity.Name;

                    int slash = name.IndexOf("\\");

                    if (slash >= 0)
                         name = name.Substring(slash + 1);

                    _userid = name;
               }

               return _userid;
          }

     }
}