Last post May 01, 2019 02:11 PM by Navi0113
Apr 30, 2019 02:39 PM|Navi0113|LINK
I just created a website in ASP.NET Core for learning purpose and now I am trying to host it on IIS.
The website requires Windows Authentication but there are couple of issues I am unable to sort out.
1) When I try to access the website from the server itself (a test server running Windows 2012, IIS), it uses "IIS AppPool\<SiteName> as current user instead of currently logged in user
2) When I try to access it from a client machine (in the same domain), it refuses authentication saying that the user is not authorized, and
3) If I try to access the website from the client PC using admin credentials, the website is loaded but again with the same user i.e. IIS AppPool\<sitename>
May 01, 2019 05:57 AM|Xing Zou|LINK
You could use `User.Identity.Name` which is always the authenticated user identifier.
For Configure Windows Authentication in ASP.NET Core, you also need to enable Windows Authentication and disable
Anonymous Authentication in your IIS site->Authentication settings.
In project launchSettings.json, set "windowsAuthentication" to true and "anonymousAuthentication" to false.
May 01, 2019 02:11 PM|bruce (sqlwork.com)|LINK
asp.net core does not support windows impersonation. the thread identity is always the app pool identity. as suggested you use the asp.net core user identity instead. IIS just passes the windows identity token to the asp.net core app. because this is only
supported when running under IIS, you must configure it.
May 02, 2019 04:17 PM|Navi0113|LINK
I changed to User.Identity.Name from what I was using earlier (System.Environment.UserName).
While both the above answers helped, I still can't solve the this issue:
Has this something to do with Impersonation that is mentioned above?