Hi, I'm writing a sharepoint web part. It writes logs into a file (by using StreamWriter). However, logs are written only for users whose accounts are administrators on the server hosting the web part. I want to detect which account (probably not by using SPUser) is executing web part's code, so that I can have logs generated for less privileged users. Is that possible?
Thanks
The Framework provides a WindowsIdentity class that represents an authenticated Windows user and a WindowsPrincipal class that encapsulates the WindowsIdentity and information about the user's role memberships.
This snippet would get you the groups that user belongs to.
var id = System.Security.Principal.WindowsIdentity.GetCurrent();
IdentityReferenceCollection irc = id.Groups;
foreach (IdentityReference ir in irc)
Console.WriteLine(ir.Value);
There are some ways which goes to the same result:
Request.LogonUserIdentity HttpContext.Request.LogonUserIdentityPage.User.IdentityI think one from there must works on the Sharepoint server. Which on will work depend on context where you want include the code you should place a breakpoint on the place you needed and thy to see one of construction above in the watch window. If one from there works you'll receive an object of the type System.Security.Principal.WindowsPrincipal which gives you all what you needs. For example, Name property is the Username. Groups property is the list of SecurityIdentifier which corresponds to groups to which user belong. One can use NTAccount class to convert SecurityIdentifier to name. (see for example, http://stackoverflow.com/questions/2495185/i-have-a-sid-of-a-user-account-and-i-want-the-sids-of-the-groups-it-belongs-to)