Web API, APIController, Empty User

Question

I have a standard web form app which is authenticated using IIS's Windows Authentication setting.

As I now need to expose some the data via Web API, I have added an APIController which I can successfully retrieve the required data, however, I need to restrict what is returned based on the identity of the requestor.

The problem is that the this.User.Identity is coming back empty..

[System.Security.Principal.WindowsIdentity]: {System.Security.Principal.WindowsIdentity}
AuthenticationType: ""
IsAuthenticated: false
Name: ""

I am new to Web API so not sure what I have done wrong / forgotten to do...

FYI - The authentication on the web form app is working perfectly...

@granadaCoder Sorry... I can't remember what happened with this, it was over a year ago now... I think I took a different approach to WebAPI — Chris Hammond, Aug 06 '15 at 07:50

score 2 · Answer 1 · edited May 23 '17 at 12:10

2

Having "anonymous authentication" enabled..along side of "windows authentication" will create this "empty windowsIdentity" problem.

Longer discussion (and my problem and answer) here:

HttpClient calling a Windows-Authenication ApiController Method...but no WindowsIdentity coming along for the ride

Also see:

How to get Windows user name when identity impersonate="true" in asp.net?

edited May 23 '17 at 12:10

Community

1
1

answered Aug 08 '15 at 18:26

granadaCoder

26,328
10
113
146

Web API, APIController, Empty User

1 Answers1