42

I have a Silverlight application (using MVC) and when i'm building in visual studio, using Visual Studio Development center, there's no problem, the HttpContext.Current.User.Identity.Name has a Value

But when i'm using the same project with IIS 7.5 (i'm using Windows 7), HttpContext.Current.User.Identity.Name stays empty

Anyone who can help? Or knows where i can find the settings from the visual studio Development center, so i can check what's wrong in IIS?

Hossein Narimani Rad
  • 27,798
  • 16
  • 81
  • 109
Jordy
  • 888
  • 2
  • 9
  • 20
  • 2
    Check your authentication settings. HttpContext.Current.User is an IPrincipal that wraps the current user - be that a Windows user, .NET Forms security principal, Passport principal, or a custom user principal from your own project. I suspect that IIS7 is allowing anonymous authentication, whereas for whatever reason Visual Studio is running as an authenticated user. What's the .Name value returning in Visual Studio, and what are the authentication settings on your IIS site? – Dylan Beattie Oct 15 '09 at 08:32
  • .Name in Visual Studio returns "lapjordy\\Jordy" (my windows login name) .Name in IIS returns "" (empty string) I turned of anonymous authentication in IIS and turned on Windows Authentication, but then the browser asks me to give me my windows credentials.. The only thing i want is that the application (silverlight) gives me the name of my current windows user (without the browser is asking for my username --> see image) – Jordy Oct 15 '09 at 11:39
  • http://img98.imageshack.us/content.php?page=done&l=img98/5376/printscreen1.png&via=mupload – Jordy Oct 15 '09 at 11:40

11 Answers11

51

I struggled with this problem the past few days.

I suggest reading Scott Guthrie's blog post Recipe: Enabling Windows Authentication within an Intranet ASP.NET Web application

For me the problem was that although I had Windows Authentication enabled in IIS and I had <authentication mode="Windows" /> in the <system.web> section of web.config, I was not preventing anonymous access. This last part was the key. You need to prevent anonymous access to ensure that the browser sends the credentials.

You can either configure IIS in Control Panel so that your site (or machine) uses Windows authentication and denies anonymous access or you can add the following to your web.config in the system.web section:

<authentication mode="Windows" />

<authorization>
   <deny users="?"/>
</authorization>
Pang
  • 8,605
  • 144
  • 77
  • 113
Bryan Bedard
  • 2,479
  • 1
  • 21
  • 22
  • 4
    Worked for me although my Identity.Name was only blank intermittently, from second to second. No idea why, would be interested if anyone could explain? – Ronnie Mar 17 '16 at 15:54
  • 1
    if i set this in web.config, i cant access the page anymore, says unauthorized, using Visual studio – aero Jul 01 '19 at 19:05
  • Are you on a home network or a work network with Active Directory? I think it only works with Active Directory (domains). On my home network I get the unauthorized error as well with the same configuration. – Bryan Bedard Jul 04 '19 at 17:22
23

These might resolve the issue(It did for me). In IIS Express change the project property values, "Anonymous Authentication" and "Windows Authentication". To do this, when project is selected, press F4 and then change these properties.

enter image description here

In case you are deploying it on IIS locally, make sure local machines "Windows Authentication" feature is enabled and "Anonymous Authentication" is disabled.

Refer to

https://grekai.wordpress.com/2011/03/31/httpcontext-current-user-identity-name-is-empty/

digitally_inspired
  • 517
  • 4
  • 12
8

In addition to "answered Mar 28 '11 at 12:27Bryan Bedard"

In case that the solution doesn't work, you have to enable Windows Authentication in iss manager. How to do that:

1.To start IIS Manager from the Run dialog box: On the Start menu, click All Programs, click Accessories, and then click Run. In the Open box, type inetmgr and then click OK.

2.In the Connections pane, expand the server name, expand Sites, and go to the level in the hierarchy pane that you want to configure, and then click the Web site or Web application. 3. Scroll to the IIS section in the Home pane, and then double-click Authentication.

4.In the Authentication pane, select Anonymous Authentication, and then click Disable. enter image description here

  1. In the Authentication pane, select Windows Authentication, and then click Enable.

Reference

Dmitry Toder
  • 119
  • 1
  • 4
  • and also, if you then get a 500.19 you might try editing the applicationHost.config. ctrl+f windowsAuthentication and make sure `overrideModeDefault="Allow"`. You may need to do the same thing for anonymousAuthentiction, [Here](https://blogs.msdn.microsoft.com/webtopics/2010/03/08/troubleshooting-http-500-19-errors-in-iis-7/) is more information from Microsoft. – user875234 Mar 18 '19 at 19:26
6

I also had this problem recently. Working with a new client, trying to get a an old web forms app running from Visual Studio, with IISExpress using Windows Authentication. For me, the web.config was correctly configured

However, the IISExpress.config settings file had:

<windowsAuthentication enabled="false">

The user account the developer was logged in was very new, so unlikely it had been edited. Simple fix it turned out, change this to enabled=true and it all ran as it should then.

Pang
  • 8,605
  • 144
  • 77
  • 113
PaulTheCyclist
  • 1,097
  • 9
  • 10
  • 1
    This is **the** answer I was looking for. My IISExpress setting, though, are stored in the file `applicationhost.config`. – Nova Nov 22 '14 at 21:24
5

Also, especially if you are a developer, make sure that you are in fact connecting to the IIS server and not to the IIS Express that comes with Visual Studio. If you are debugging a project, it's just as easy if not easier sometimes to think you are connected to IIS when you in fact aren't.

Even if you've enabled Windows Authentication and disabled Anonymous Authentication on IIS, this won't make any difference to your Visual Studio simulation.

Mishax
  • 4,226
  • 5
  • 34
  • 61
5

Disabling all other options in authentication tab of iis except windows authentication resolved my issue. Please check..

Steps:

  1. Open iis in your machine
  2. Select your application from the application pool
  3. Click on authentication option
  4. Disable all other option except windows authentication (Anonimous authentication should be disabled)

Please check this and let me know the feedback. It worked for me. hope it will work for you also.. enter image description here

Adarsh
  • 111
  • 2
  • 2
2

The browser will only detect your username if the IIS server is on the same domain and the security settings within your group policy allow it.

Otherwise you will have to provide it with credentials, but if it is not on the same domain, it will not be able to authenticate you.

cjk
  • 43,338
  • 9
  • 74
  • 109
  • 2
    how do you put IIS server and browser (or application?) in the same domain? and were do i need to set those group policies? do you have an example? hope you can help! :) – Jordy Oct 16 '09 at 19:05
1

Apart from all obvious reasons mentioned earlier, there might be another one: you didn't put an Authorize attribute on top of your controller, like that:

[Authorize(Roles = "myRole")]
[EnableCors(origins: "http://localhost:8080", headers: "*", methods: "*", SupportsCredentials = true)]
public class MyController : ApiController

At least that's what worked for me.

cornhedgehog
  • 75
  • 1
  • 5
0

As @PaulTheCyclist says, If using IISExpress anonymous authentication is enabled by default, windows authentication is disabled.

This can be changed in what I'm sure used to be called PropertyPages (NOT right-click -> properties). Select the web project

waxingsatirical
  • 452
  • 6
  • 10
0

Try enabling basic authentication and disabling the other authentications in IIS, then try launching the application. The application will ask for windows credentials. Enter the same and the app should be able to get the name under HttpContext.Current.User.Identity.Name.

user1531912
  • 355
  • 1
  • 4
  • 16
0

I was facing this issue when authentication mode was not set while creating the project. So It worked when created a new project with authentication set to windows mode in the initial settings.

PrincyLora21
  • 1
  • 1