want windows log in user name in web services C# asp.net

Question

I have a web site from where I fire a mail to members in my offices

This mail have a yes no button.

on click of yes/no button I call a web service, my yes no link looks somewhat like this

<a href="http://xxxxx/xxxxx/votCatWSer.asmx/takevotingOpt?yesNo=yes&sNo=1">yes</a>

Now users i.e. my office staff will login their system open their outlook find this mail and then click it.

After they click, takevotingOpt method in my web service will be called. In this method I want to know, from which user this call has came. so that I can maintain record in database like xyz user has voted yes/no

say for e.g. their are two members in my organisation A and B

A's windows loginId is "AaLoginId" and

B's windows loginId is "BbLoginId"

both A and B receives the mail with the above mentioned link in it. when A click the yes/no link my web method should give me A's login Id i.e "AaLoginId". After I get this I make an entry in my database as A has voted yes.

I have tried below thing in my web service to get the user name but of no use please help.

tried this things to get windows login username.

        //string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
        //Uri uri = new Uri("http://tempuri.org/");
        //ICredentials credentials = CredentialCache.DefaultCredentials;
        //NetworkCredential credential = credentials.GetCredential(uri, "Ntlm");
        ////userName = credential.UserName;
        //userName = User.Identity.Name;
        //userName= System.Threading.Thread.CurrentPrincipal.Identity.Name;
        //userName = Context.Request.ServerVariables["LOGON_USER"].ToString();
        //userName = HttpContext.Current.User.Identity.Name.ToString();

I went to authentication in my inetmgr and enabled windows authentication for my hosted web service now it does what I want (userName = User.Identity.Name;) but it opens a browser window and ask for windows userid and password I dont want that It should pick up without login window.

Please help or suggest any other approach to achieve this.

I went to authentication in my inetmgr and enabled windows authentication for my hosted web service now it does what I want but it opens a browser window and ask for windows userid and password I dont want that It should pick up without login window. — Yagnesh.Dixit, Jun 29 '13 at 11:59
Since you have code that is sending the mail by userid (right?) embed the user id in the URL they click. ?yesno=yes&userid=AaLoginid — dkackman, Jun 30 '13 at 13:53
@dkackman Thanks for your interest but.. If I do that and user A forwards the mail to user C then I wont get right record. — Yagnesh.Dixit, Jun 30 '13 at 13:58
@Yagnesh.Dixit The last and second to last lines will work, but you have to turn on windows auth in IIS and in you web config, plus you must turn off anonymous authentication. The other lines of code are going to access the account that the web service is running on, not the user who is connecting to the service — jfin3204, Jun 30 '13 at 14:52

score 1 · Answer 1 · answered Jun 30 '13 at 14:07

1

You need to turn on windows authentication for the webservice and in IIS, then you should be able to look at Request object to get the user

answered Jun 30 '13 at 14:07

jfin3204

699
6
18

you are right. In my question I have mention this approach.. the only problem is, it opens a browser window and a pop up is given for user credentials. I don't want that pop us as well as browser window to open. I want to some how capture his user id without asking him as he has already loged in to the system. hop I do not confuse u. – Yagnesh.Dixit Jun 30 '13 at 15:01
Are the users on the same domain? are they already logged on to the domain? If so then they should not get a request for credentials, are you sure that basic and digest authentication are turned off in iis? and that in the web config you have set authentication to windows? Also do they have access to the directory that the asmx or svc file is located? – jfin3204 Jun 30 '13 at 15:06
can you please explain more on the domain part. Yes basic and digest authentication are turned off in iis. Yes in the web config I have set authentication to windows. Please explain how can I find if user has access to directory. All the user are from same company and server belongs to the same company. And yes it ask for the credentials only once the second time I hit the link then it does not ask for credentials if I close the browser and again click it asks again for the credential I think you are gonna solve my problem. Thanks a ton for your time – Yagnesh.Dixit Jun 30 '13 at 15:16
on the server you need to go to the directory where the file is and look at properties, security and see what users have access to the directory. The key here is not that the user sending email has permissions to access the directory they should not, but the account that the web service is running under in iis must have access. it sounds like it does not, an that the system is asking you to provide an account that does have access. Once you provide that access you are authenticated and it will work till the browser closes because that is when the session is lost. – jfin3204 Jun 30 '13 at 15:22
no I will try to host my web service in the same domain in which users log in to use their system so as to avoid opening a new browser and pop up window. I am on leave for few days will get back to you. Thanks again for your help. – Yagnesh.Dixit Jul 01 '13 at 10:15

score 0 · Answer 2 · edited May 23 '17 at 12:05

0

Use Environment.UserName

Here's the MSDN docs. http://msdn.microsoft.com/en-us/library/system.environment.username.aspx

Edit - To retrieve all users logged into the current system, check out this Question/Answer - Logoff interactive users in Windows from a service

It shows a way to use WMI and through system DLLs to retrieve a list of logged in users on the current system (which may or may not include service accounts, I haven't tried it myself).

Edit - Using Integrated Security would work for what you're trying to achieve, but can be a bit tricky to setup in large corporations. To get rid of the login prompt, Internet Explorer auto-authenticates to sites in the "Intranet Zone", but does not auto-authenticate to sites in the "Internet Zone". Make sure your web service URL is Intranet based, i.e. http://myserver/ and not Internet based i.e http://myserver.mycorp.com/, unless the user's are within the same domain. If they are not, have the users add "*.mycorp.com" to the Intranet Zone. FireFox has a similar configuration, where specific sites must be "trusted" in order to auto-authenticate.

edited May 23 '17 at 12:05

Community

1
1

answered Jun 29 '13 at 10:49

Chris Gessler

22,727
7
57
83

Thank but it returns "SYSTEMS" as UserName – Yagnesh.Dixit Jun 29 '13 at 12:01
Then you're likely running under the "SYSTEMS" user account. – Chris Gessler Jun 29 '13 at 12:38
no I have logged in to my system with my userid and password and if I call web service from my system then it should show my loginid – Yagnesh.Dixit Jun 29 '13 at 12:48
1

That is a wrong assumption - It will display the username running the service, not an individual who logged into the server. For that to happen, you would have to start the service as an application which would then run under the user logged in. – Chris Gessler Jun 29 '13 at 15:16
@Yagnesh.Dixit - I've included code in my answer that will retrieve all the users logged into a system. I believe this is what you're after, from a server level perspective. – Chris Gessler Jun 29 '13 at 15:36
First Thanks for your help..:) I think I confused you. 1. In my organisation say their are 10 members. 2. I send mail to them through a web site with yes no link 3. when any of this 10 member click yes/no link a web service will be called as I have set href=webservice/Hellomethod?yesno=yes 3. Within the web service hello method I want to check which user has clicked the link. Hope It helped clear the confusion. – Yagnesh.Dixit Jun 29 '13 at 20:33
Since you know the username when you send out the email, you could simply embed an encrypted value in the query string within the email that the service can decrypt. This encrypted information could contain a database key, the username, the email address, or any combination. Also, embed a timestamp in the encrypted value so that A) you can timeout the message, B) it never follows a pattern that a hacker can pick up on. – Chris Gessler Jun 30 '13 at 13:09
Here's a link on why you're users are being prompted when using Integrated Security - http://blogs.msdn.com/b/david.wang/archive/2005/07/04/why-you-get-login-prompt-on-vs2005-with-integrated-auth.aspx – Chris Gessler Jun 30 '13 at 13:17
Thanks again Chris I did had that in my mind but... say I send mail to user A with a link in which I have encrypted his details. and then he forwards that mails to user C. Now I wont get correct voting results. I will go through the link and thanks again for your efforts. – Yagnesh.Dixit Jun 30 '13 at 13:52

want windows log in user name in web services C# asp.net

2 Answers2