0

My problem is that I have a asp.net solution that uses a seperate project for logging and now I want the log to save the logged in user. Windows authentication is used for the webapp and the app pool is run under a service account. So when I call the logger through a method(static) I want the logger to pick up who is the logged in user. The only thing I currently get is the service account that the app pool run under.

Any ideas of how to get the user from the webapp?

Boppster
  • 48
  • 5
  • possible duplicate of [Retrieve Logged In user](http://stackoverflow.com/questions/8930352/retrieve-logged-in-user) – JohnFx Feb 20 '12 at 16:27

3 Answers3

2

You might be able to use HttpContext.Current.User.Identity.Name. I think that HttpContext.Current should be correctly initialised even in a separate project.

Chris
  • 27,210
  • 6
  • 71
  • 92
  • Yes, as long as the DLL is running in the same process as the web app, then `HttpContext.Current` should be available. – Christian Hayter Feb 20 '12 at 16:48
  • It will only give me the identity of the service account that the app pool is running under. – Boppster Feb 21 '12 at 09:50
  • Hmmm... thought that was always the current logged on user... You can try `Membership.GetUser()` (see http://msdn.microsoft.com/en-us/library/fcxcb339.aspx for details). I'm less sure of that one though. If it works I'll update my answer... :) – Chris Feb 21 '12 at 10:11
  • Membership relies on httpcontext to get the username – Boppster Feb 21 '12 at 10:26
2

Make sure that your thread principal is the same as the System.Web.HttpContext.Current.User

At the end of the Application_AuthenticateRequest method in your global.asax, you may need something like:

System.Threading.Thread.CurrentPrincipal = System.Web.HttpContext.Current.User;
Devdutt Patnaik
  • 71
  • 3
  • Seems to work, but I am not sure how this plays with the Identity set for the app pool. Gonna test some more before I mark it as answer. – Boppster Feb 21 '12 at 12:26
  • @Boppster : Typically the identity set for the app pool should be a virtual account created for that app pool (not a local machine or domain account) that should have low privileges. At the end of Application_AuthenticateRequest (where you can create a custom principal if you need), you can "elevate" the principal on the thread to the domain user who has logged in. – Devdutt Patnaik Feb 22 '12 at 17:06
0

Yes. Not from the logger, obviously. You need to acess the HttpRequest somehow - in the page etc.

So, it is doable in a logging framework embedded in the application, it is not doable from a different level so much.

The user will be recorded in request level properties.

TomTom
  • 61,059
  • 10
  • 88
  • 148