0

I am developing an internal web app using Blazor (WebAssembly) and SQL Server Express 15. The web app will only be accessed while within our network.

As I am extremely early in development, I currently host the Blazor app and the SQL server on my workstation; eventually the app and SQL server will reside on a more traditional server inside our firewall.

I'm using the default Windows Authentication for SQL Server. What I'd like to do is, via Blazor, access the Windows userid of whoever is interacting with the SQL server by virtue of accessing the web app. I could then use that information to (for example) show that user their weekly timesheet when they go to My Timesheet within the web app.

Is there a way to access the Windows userid that authenticated into SQL Server? Or am I misunderstanding things / off-base is some fashion? Or is there another way to get the Windows userid without interacting with SQL Server?

What I've Tried

I've tried System.Environment.UserName, but that returns "Browser". I've also tried System.Environment.UserDomainName, but that returns "localhost". I've also tried System.Security.Principal.WindowsIdentity.GetCurrent().Name and code based on ManagementObjectSearcher, but both throw an exception under WebAssembly, as WebAssembly is not Windows (even when running on a Windows server and/or a Windows browser-client).

From the other suggestions in this question, I was unable to find the right using statements or other syntax in Blazor for

  • Request.LogonUserIdentity.Name,
  • System.DirectoryServices.AccountManagement.UserPrincipal.Current.DisplayName,
  • User.Identity.Name,
  • System.Windows.Forms.SystemInformation.UserName, and
  • HttpContext.Current.User.Identity.Name.
Filburt
  • 17,626
  • 12
  • 64
  • 115
Neil Wehneman
  • 154
  • 1
  • 12

1 Answers1

-1

check this tutorial from Medium: https://vaibhavbhapkarblogs.medium.com/windows-authentication-authorization-in-blazor-application-144d23dd90be should be the right starting point.

The part you need is inside the custom AuthenticationStateProvider you need to implement:

//Getting logged in windows user name
var user = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
Nicola Biada
  • 2,325
  • 1
  • 8
  • 22
  • 2
    As I mentioned in the post, I tried System.Security.Principal.WindowsIdentity.GetCurrent().Name previously, and received an exception when doing so. I just now re-tried it (following the directions of your linked guide), and received "System.PlatformNotSupportedException: Windows Principal functionality is not supported on this platform." – Neil Wehneman Aug 12 '21 at 20:52
  • 3
    You cannot use a server side technology on client side. You need to use this call in your server (backend) side. The example from Medium is for a Blazor Server side application and it works as expected. If you prefer to use a Blazor WASM you need to implement a mechanism to call a server side page where you can receive the user, than you need to pass it back to client side using a cookie. Look at Chris: https://chrissainty.com/securing-your-blazor-apps-authentication-with-clientside-blazor-using-webapi-aspnet-core-identity/ – Nicola Biada Aug 12 '21 at 21:15
  • 2
    The mechanism I've described is the same you can find in the template with IdentityServer authentication, where the authentication pages (login/logout/profile/etc.) are server side technology and the other parts are in WASM. – Nicola Biada Aug 12 '21 at 21:19
  • I don't want to build a login system. What I want is just to obtain the userid used by Windows Authentication; I'd then build my own list of privileges based on what userid they have (as all users will be employees of the company). I took another crack at System.Security.Principal.WindowsIdentity.GetCurrent().Name;, but I could only get the app to build when that property was used on the server-side. If it's used on the server-side, it only tells me what userid launched the server, not what userid has accessed the (client) website. I suspect getting client Windows userids is not possible. :-/ – Neil Wehneman Aug 20 '21 at 18:33