tags:

views:

244

answers:

3
Q: 

Get the user's identity with no authentication

I have an ASP.NET app that writes files to a NETAPP. It's finicky, and the only way we could get it to work was to set <identity impersonate="true"/> and remove the <authentication.../> tag in web.config. This allows the app to write to the NETAPP (with the appropriate monkeying of permissions behind the scenes), but now my app can't tell who is actually using it. Is there another way to get the user's ID without forcing them to log in? This is an internal app, so it would only be run from workstations with a logged in user. Any ideas?

Edit: I'm not an IIS expert, but I believe the app was set up to run under a certain privileged account to get it to work. I'm also looking for alternate ways to set this up if there is no way to get the user's ID.

+3  A: 
  • Set authentication to 'Windows' in your web.config
  • Turn off 'Anonymous access' for the web site in IIS
  • Turn on 'Integrated Windows Authentication' for the website in IIS
  • Leave the identity impersonation turned on in your web.config

I believe that will do what you need.

John MacIntyre  2009-02-12 18:30:29
A: 

One possibility is for me to move the writing portion to a web service, so that the service can get all the necessary permissions without affecting how my app functions. It's a lot of work, though, so I'm hoping for a simpler answer.

gfrizzle  2009-02-12 18:30:30
A: 

If you have Integrated Windows Authentication then

string username = HttpContext.Current.Request["LOGON_USER"];

Edit based on comments; Maybe the solution you actually want it so disable impersonation for the entire application and only impersonate the required bits that need to be impersonated.

See this page for some additional details on how to accomplish this.

http://www.west-wind.com/WebLog/posts/1572.aspx

Bob  2009-02-12 18:32:38
The problem is that I have to turn off Windows Authentication to get it to write to the NETAPP, so this won't work.
gfrizzle  2009-02-12 18:38:56
See my updated answer. Maybe you should use a solution like the link offers for writing to NETAPP
Bob  2009-02-12 18:54:10

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps