0

I have an Asp Net core application. I have set the Authentication to Windows Authentication. when I run the app from Visual Studio the WindowsIdentity.GetCurrent().Name returns my computer name and when I host it on IIS, it gives the IISAppPool name. I want to get the user's domain username and store in DB.

The above scenario was when I had the anonymousAuthentication: true.

Here is when I change it. The launchSettings.json content for IIS:

"iisSettings": {
"windowsAuthentication": true,
"anonymousAuthentication": false,
"iisExpress": {
  "applicationUrl": "http://localhost:21021/",
  "sslPort": 0
}

I have also added [AbpAllowAnonymous] on the TokenAuthController.

Now I am getting a prompt on page load asking for username and password. I do not know what I should add as my username and password. I have already tried my windows username and password but it keeps prompting me for username and password!

Mohammad Shadmehr
  • 675
  • 11
  • 26

2 Answers2

0

Possible duplicate. Getting the Windows Identity is easy if you're starting from scratch in Microsoft provided template.

Doing it from Abp might be slightly tricker.

jazb
  • 5,498
  • 6
  • 37
  • 44
  • Its not quite similar scenario. That was MVC and mine is Angular & Asp Core. I do not know how to set a specific authorization on a page in Angular as @vivek-nuna suggested. – Mohammad Shadmehr May 11 '18 at 01:25
0

In order to do what you appear to be trying to do, you need to tell iis to run the app as the authenticated user. This can be done on a per appdomain basis under authentication > ASP.NET impersonation config option; however, you'll have to authenticate your users somehow, be it basic auth, Kerberos, or an HTTP module that assigns thread principals (Basic requires no additional coding and neither does windows, but the users must be on the same domain). Without this, the app runs as the app pool's service account and thus the thread's identity would be as such. Moreover, when doing this, the user will have the permissions they have on the server (so if you log in a folder they don't have native access to, you'll get an error).

jake.toString
  • 84
  • 10
  • At the moment I am running the application from VS. Would you please advise where exactly I should set the impersonate config option as you have suggested? – Mohammad Shadmehr May 11 '18 at 02:48
  • There's a GUI in IIS. For IIS express, you'll have to add the functionality in the configuration files. This SO post should help you out: https://stackoverflow.com/questions/4762538/iis-express-windows-authentication again, basic auth might be a better route to go over Windows – jake.toString May 11 '18 at 09:54