2

I am developing an intranet application using ASP.NET MVC 4. I am using custom forms authentication. When the user accesses the application I want to take the user's Windows logged-in username and check that username in my database. But I don't know how to take that username. I try to take it using the following code:

string CurLoggedInUsername = Environment.UserName;

This gives me the username when I run from Visual Studio, but when I host my application on IIS it gives a weird value. I also tried to use

string CurLoggedInUsername = httpcontext.current.user.identity.name;

but no use. Is there a way to get the user's Windows logged-in username before authentication?

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
CodeWarrior
  • 763
  • 3
  • 14
  • 33
  • possible duplicate of [Getting the logged in username in ASP.NET MVC3 intranet application](http://stackoverflow.com/questions/6786380/getting-the-logged-in-username-in-asp-net-mvc3-intranet-application) – Daniel Kelley Jun 09 '14 at 15:40
  • 2
    Why not use windows auth? – Luthervd Jun 09 '14 at 15:45
  • I already tried to use windows authentication but it shows prompt asking for username and password which I don't want. I want when user access my login page I get his windows account username and check it against my DB. If it's present and have flag true for auto login then redirect to dashboard else if false flag for auto login then show login page with username populated and allow user to enter password. – CodeWarrior Jun 10 '14 at 06:37
  • @CodeWarrior, did you find any solution for this? – Diego Jan 21 '16 at 20:51

1 Answers1

0

It sounds like you may need to consider mixed-mode authentication. I.e. Windows and Forms authentication. The thing is they don't necessarily play well together.

The following article describes the problem and how to overcome it. The thrust of the article centres around how a 401 challenge (Windows authentication) and 302 redirect (forms authentication) are incompatible in > IIS 7 integrated mode and a way to use a couple of forms and HTTP pipeline interception to get at user details. I used the approach successfully for a large public sector client (albeit for a webforms application). I'm sure the principles are the same.

IIS 7.0 Two-Level Authentication with Forms Authentication and Windows Authentication

I forgot to add in the code examples the right place to look for Windows authentication credentials are presented. It's been a while, so I can't remember it off the top of my head.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
brumScouse
  • 3,166
  • 1
  • 24
  • 38