0

In my ASP.net web application, after a user has authenticated via forms authentication, I'm trying to read the user name from HttpContext.Current.User.Identity.Name.

When I run this on my personal machine running IIS Express, this works just fine. When I run it on a server under IIS 7.5, this expression always evaluate to string.Empty.

Why is this and how can it be mitigated?

Note: This is not a duplicate of "HttpContext.Current.User.Identity.Name is Empty" because that question is about the web server built into Visual Studio.

Note 2: In my case anonymous access has not been turned off. If this is indeed the cause for the issue, can you please explain why?

Community
  • 1
  • 1
urig
  • 16,016
  • 26
  • 115
  • 184

1 Answers1

3

HttpContext.Current.User.Identity.Name uses LDAP to determine what your windows username is.

This works because when anonymous access is turned off, your computer is required to "log in" with your windows identification to access the site (not anonymous). Because of this, the site knows who you are and can return the correct data.

If anonymous access is left on, your computer uses the quickest/easiest method of access (anonymous) and returns the webpage to you. IIS then only knows you as anonymous so cannot put a name to you.

oppassum
  • 1,746
  • 13
  • 22
  • Thank you! Any idea why in IIS Express it does work? – urig Jul 01 '15 at 20:28
  • 1
    I assume it already has credentials because it's running locally. – oppassum Jul 01 '15 at 20:34
  • The correct way to get login user info is via `Page.User` or `Controller.User`. Besides, IIS and IIS Express are different, https://blog.lextudio.com/2015/04/web-application-differences-in-visual-studio-and-iis/ – Lex Li Jul 16 '15 at 13:06