Last post Oct 14, 2013 06:54 AM by Rajsasp
Oct 11, 2013 02:42 AM|vdtrip|LINK
I am working on a web application with windows authentication mode. I set it in web.config...
When I run application, it ask for user name and password, I put my system username and password, and It get me logged in successfully.
I am trying to access current username in my application, but I am not getting what I entered, it gave me NT AUTHORITY\SYSTEM as user name.
One more thing, If i run application through Visual Studio, it gives me correct user name, but through IIS, I browse it, it does not give correct user name.
Below is the code that I have written to get current user name..
But it's not giving my system user name.
I am using application pool with v4.0, Integrated and Local System Identity.
Can any one please help me how to get current user name.
Oct 11, 2013 02:59 AM|smirnov|LINK
You need to disable anonymous authentication for your web site in IIS.
Go to IIS
In Features View, double-click Authentication.
On the Authentication page, select Anonymous Authentication.
In the Actions pane, disable Anonymous authentication and make sure that Windows authentication is enabled.
Oct 11, 2013 03:00 AM|shabirhakim1|LINK
Next Open open your web app properties in IIS and llook into below settings for Authentication:
Anonymous Authentication = Disabled
Windows Authentication = Enabled
Oct 11, 2013 03:20 AM|vdtrip|LINK
Yeah, I did as you told, It working fine.
Actually what I am working is an Intranet application, so is there any option to find out username who is logged in on system without asking username and password through windows authentication. It's main purpose is, if an authenticated user is already
logged in on system so we no need to ask again user name and password in application.
Oct 11, 2013 03:24 AM|smirnov|LINK
If you set anonymous off and windows on at IIS and authentication mode="Windows" in the web.config, then it should not ask for the login and password. If it asks, check in IE in Internet Options - Advanced, there’s an option named "Enable Integrated Windows
Authentication", it should be enabled too.
Oct 11, 2013 03:35 AM|vdtrip|LINK
Actually, I am not sure, user will browse IE only, it may be firefox, safari.... So I can not fix it for any particular browser.
"There’s an option named "Enable Integrated Windows Authentication", it should be enabled too"
Oct 11, 2013 03:38 AM|shabirhakim1|LINK
When it is windows authentication You have to have login once with credentials ,So,When first time user logins in to webapplication save his username some where like config
or cookie,then next time validate against that .That mean you will write method which will check whether username is available in resouce configuration/textfile/anywhere (what ever persistance you prefer),if present then take him directly to internal homepage
otherwise ask for credentials. I believe you wil get windows authentication only once.
Fact is that you can think of searching the place where windows save user credentials because it is big security hole for windows then :)
Oct 11, 2013 03:51 AM|smirnov|LINK
Actually, I am not sure, user will browse IE only, it may be firefox, safari....
Does it work with IE, or not? If not, check that settings. When it will work in IE, we can go forward with other requirements.
Oct 14, 2013 06:54 AM|Rajsasp|LINK