How to use WindowsIdentity.Impersonate to get the user's login, rather than the ASPNET account

Question

I have a web-app that will reside on a production server where I want to get the user's logged in computer name, circa

DOMAINNAME/USERNAME

Many people have told me that I must use Impersonation/Delegation in order to get this, but no details beyond that have been provided. Originally, my tests used:

Response.Write("HttpContext: " & HttpContext.Current.User.Identity.Name & " \n")
Response.Write("Windows Identity: " & WindowsIdentity.GetCurrent.Name & " \n")
Response.Write("Thread: " & Thread.CurrentPrincipal.Identity.Name & " \n")
Response.Write(Request.ServerVariables("LOGON_USER"))
Response.Write(User.Identity.Name)

Which yields valid results on my local cassini server, but not when published. Adding the following line:

Dim ctx As WindowsImpersonationContext = WindowsIdentity.Impersonate(IntPtr.Zero)

changes the WindowsIdentity to

SERVERNAME\ASPNET

However, I wish for the current user's (not the server's) username. How can I manipulate the impersonation class to give me this?

EDIT: The solution provided, in the comments by Heinzi, seems to be correct. However, I believe this is IE6 only. The company I work for may be moving to IE8 in the near future and I wish to ensure functionality across IE 6/7/8 at the very least. Is this possible?

Answer 1

You need to

• activate Windows Integrated Authentication in IIS,
• turn off anonymous users either in IIS or in your web.config file (<authorization> section),
• add <identity impersonate="true" /> in the <system.web> section of your web.config.

EDIT: This question shows relevant parts from the web.config.