1

I have a MVC 4 application deployed on IIS. I am trying to get the Windows user in code as following but its reuring me the App Pool user.

Code Inside Controller to get User: 

User.Identity.Name

I have tried to chaged the App pool Identity to Local System, NetworkSystem and ApplicationPoolIdentity. But then it stoped returing anything back.

What I am looking for it that I don't want Login prompt screen to be displayed when user hit the site, site should autometically pick the System user and display the results accordingly.

config is as below:

<authentication mode="None"/>

Thanks in Advance

Scorpion
  • 4,495
  • 7
  • 39
  • 60
  • possible duplicate of [Get the Application Pool Identity programmatically](http://stackoverflow.com/questions/10101162/get-the-application-pool-identity-programmatically) – Justin Niessner Feb 24 '14 at 16:20
  • No, its not duplicate. That question is to get application pool identity. Here I don't want that. thanks – Scorpion Feb 24 '14 at 16:25
  • If that's the case, you need to change the title of your question. I can't tell exactly what you're asking for. Do you want your site to use Windows authentication (which would cause `User.Identity.Name` to return the current Windows user)? – Justin Niessner Feb 24 '14 at 16:27
  • @JustinNiessner thats acceptable. We only use IE. thanks – Scorpion Feb 24 '14 at 16:43
  • @JustinNiessner Not entirely true. You can do NTLM/Kerberos authentication in Firefox and Chrome. You just need to configure both of those browsers to allow it. – Steven V Feb 24 '14 at 16:47

4 Answers4

0

If you want to enable Windows users to automatically log in to your site using their Windows credentials, the only change you need to make is from:

<authentication mode="None" />

To:

<authentication mode="Windows" />

Your users will be logged in automatically in IE or other browsers that have been configured for NTLM authentication. If not, they will still be prompted to re-enter their Windows credentials.

Justin Niessner
  • 242,243
  • 40
  • 408
  • 536
  • I have already tried it. But unfortunately not working. `User.Identity.Name` returns empty string. – Scorpion Feb 24 '14 at 16:56
  • Can you please tell me what Authentication I need to enable dor it. If I enable `Windows Auth`. It prompts the login screen everytime. – Scorpion Feb 24 '14 at 16:58
  • @Scorpion - I was assuming the conditions spelled out in this blog post. Take a look at the checklist and ensure that your environment is also configured properly: http://www.wiktorzychla.com/2012/06/iis-75-integrated-security-with-no.html – Justin Niessner Feb 24 '14 at 16:59
  • tbh, I have done everything which is mentioned in blog but no luck :( – Scorpion Feb 24 '14 at 17:19
  • The setting Justin showed + Setting IIS to Windows Auth=True and Anonymous=False. – Elim Garak Apr 27 '17 at 13:35
0

I believe you want to find the Process Model Identity. This is the ID that the application pool is running under. Sometimes this can be set to SYSTEM, Network Service, or Custom Domain Service account. Is that correct? I found the answer in another thread.

For someone out there that might be struggling, this is the code I used to get the username that started the AppPool (it's identity): 

ApplicationPool pool = serverManager.ApplicationPools["YoutAppPoolName"];  
pool.ProcessModel.IdentityType = ProcessModelIdentityType.SpecificUser; 
string user = pool.ProcessModel.UserName;–  p0enkieMay 7 '12 at 6:47

You will need to add a reference to Microsoft.Web.Administration to use the ServerManager class.

gung - Reinstate Monica
  • 11,583
  • 7
  • 60
  • 79
Kris
  • 1
  • Welcome to the site, @Kris. I edited this to fit w/ our style. Please check to ensure it still says what you want. You do not need to sign your posts. If you found this answer in another thread, you may want to link to the source. – gung - Reinstate Monica May 23 '14 at 16:23
0

Change in Application pool worked for me.

Changed Load User Settings to true in application pool advanced settings and it worked.

Scorpion
  • 4,495
  • 7
  • 39
  • 60
0

I am using using windows authentication. I set this in the Web.config file :

 <authentication mode="Windows" />
 <authorization>
      <deny users="?" />
 </authorization>

I did NOT put in any impersonation config in the web.config file.

In IIS, all authentication for the app is disabled except for Windows Authentication.

Using this set up, i used the following lines of code to get the windows user logged in and not the app pool user that is accessing the DB : 

var page = new Page();
var currentUser = page.User.Identity.Name.ToString();

This returned : Domain\username.

if I used : 

var currentUser = 
System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString();

I would get : Domain\AppPooluser

Fabian Madurai
  • 317
  • 3
  • 4