-1

using framework asp.net core - on .net core MVC jquery

In the account controller, I am attempting to obtain the user currently logged in to that machine on an intranet network. ie the windows authenticated user.

If I try WindowsIdentity.GetCurrent() is just returns the identity of the application pool. not what I need.

I have anonymous turned off and windows auth turned on in both the launchsettings.json and the IIS settings.

I understand that the identity middleware for abp framework I'm using is table based so the Controllers 'User' property is not what I need either.

I am wondering whether this is a limitation of the .net core?

user3518491
  • 29
  • 2
jazb
  • 5,498
  • 6
  • 37
  • 44
  • `HttpContext.User.Identity.Name` – aaron Mar 29 '18 at 01:48
  • Yes that would return the Table based user. However I am trying to grab the identity of the logged 'windows' user - but I don't think it is going to be possible. I looked at the standard microsoft template project for asp.net core using windows authentication - the Model for the User property comes from RazorPageBase.User which is a ClaimsPrincipal type. – jazb Mar 29 '18 at 02:23
  • `HttpContext.User.Identity` *is* of `ClaimsPrincipal` type. – aaron Mar 29 '18 at 02:30
  • ok, yes correct - i just took a peek at the source code for RazorPageBase and the User property is : "public virtual ClaimsPrincipal User => ViewContext?.HttpContext?.User;" – jazb Mar 29 '18 at 02:39
  • i think becuase the abp middleware set the identity source (table) so if the user has not logged in, then that property will be empty. I am trying to dig out the windows logged on user before they log in - that is why i'm stuck as it just returns my app pool identity – jazb Mar 29 '18 at 02:41

1 Answers1

0

You need to disable Anonymous Authentication and enable Windows Authentication for a specific page like Login page. This way, you say the Login page requires NTLM. So browser sends authenticated user information. And you can retrieve it with HttpContext.User.Identity.Name

Then there's next challenge! Authenticating this user with ABP. For this one, you can check out this StackOverflow post.

Vivek Nuna
  • 25,472
  • 25
  • 109
  • 197
Alper Ebicoglu
  • 8,884
  • 1
  • 49
  • 55
  • I tried adding [AbpAuthorize()] to the controller but i get an error that creates a recursive loop . https://localhost:44323/Account/Login?ReturnUrl=%2FAccount%2FLogin%3FReturnUrl%3D%252FAccount%252FLogin%253FReturnUrl%253D%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FAccount%2525252FLogin%2525253FReturnUrl%2525253D%252525252FAccount%252525252FLogin%252525253FReturnUrl%252525253D%25252525252FAccount%25252525252F – jazb Mar 29 '18 at 05:18
  • if i could only have the site start on a different page i might make some progress... – jazb Mar 29 '18 at 05:31
  • 1
    change the default landing page to your windows authenticated page. – Alper Ebicoglu Mar 29 '18 at 10:15
  • 1
    Put `[AbpAllowAnonymous]` on `Login` method. – aaron Mar 29 '18 at 10:31