0

I'm coming across a peculiar request: I have a website that uses Forms Authentication, but it now needs to grab the WindowsPrincipal (Windows Authentication) at some point in order to reuse it.

My first instinct was to create a new page, and to disable Anonymous Access on IIS for that precise page. When I'm on that page, Request.ServerVariables["LOGON_USER"] gives me the current Windows login name as expected.

Unfortunately, Context.User still gives me a GenericPrincipal.

Any idea on how I could get the current WindowsPrincipal in a FormsAuthentication Application? (recreating it by asking the user for his password is not an option)

Luk
  • 5,371
  • 4
  • 40
  • 55

1 Answers1

-1

Found it: Context.Request.LogonUserIdentity is what should be used in this scenario.

It will return the windows user that made the request if Anonymous Access is disabled on IIS (otherwise it'll return the IIS anonymous user).

For those interested on how to reuse it:

lblUserName.Text = WindowsIdentity.GetCurrent().Name; 
    // will return the ASP.Net user (that's useless to us)

WindowsIdentity id = Context.Request.LogonUserIdentity;
WindowsImpersonationContext ctx = id.Impersonate();
try
{
    lblUserName.Text = WindowsIdentity.GetCurrent().Name;
        // will return the correct user

    // (...) do your stuff
}
finally
{
    ctx.Undo();
}
Luk
  • 5,371
  • 4
  • 40
  • 55
  • For me, the LogonUserIdentity returns the ASP.Net user (which is the app pool identity). Anything else you had to do to get LogonUserIdentity to return the current forms authenticated user? (I'm using MVC). – goku_da_master Jun 07 '13 at 15:33
  • both returning the same ASP.NET user – SaQiB Apr 10 '14 at 04:59