Why does System.Web.HttpContext.Current.User.Identity.Name return an empty string?

Question

I have the following code to verify if the user has access to the application or not. Problem is System.Web.HttpContext.Current.User.Identity.Name returns empty. I checked. What could be the problem? My other application uses the same code snippet and it works there. Why is this happening?

string username = System.Web.HttpContext.Current.User.Identity.Name;
string str = "SELECT LASTNAME +', '+ FIRSTNAME AS NAME, USER_NAME, DEPARTMENT FROM DBNAME.DBO.TABLENAME WHERE USER_NAME = '" + username + "' ";
SqlCommand cmd = new SqlCommand(str, conn);
SqlDataReader rdr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
if (rdr.HasRows == false)
{

        Server.Transfer("unauthorized.htm");
}
else
{
    while (rdr.Read())
    {
        name = rdr["NAME"].ToString();
        username = rdr["USER_NAME"].ToString();
        dept = rdr["DEPARTMENT"].ToString();
    }
}

What authentication you were using? Form, Federation? You need to look at your authentication code, see how the user was populated — Thai Anh Duc, May 23 '13 at 07:32
You might want to look at this answer http://stackoverflow.com/a/8841841/293712 and user other option — Maheep, May 23 '13 at 07:33
It's not of much use showing us everything _after_ getting the empty string - we kinda need to know how it came to be that way by knowing how you handle log-ins. — Grant Thomas, May 23 '13 at 07:37
@GrantThomas I have this code on page_load of my default page. I don't know what you mean by how I handle log-ins. — Artemis, May 23 '13 at 07:56

score 5 · Accepted Answer · answered May 23 '13 at 08:40

5

It looks like you have an anonymous user. If you don't want to allow anonymous users, add the following to web.config:

<system.web>
  <authorization>
    <deny users="?" />
  </authorization>
</system.web>

answered May 23 '13 at 08:40

Joe

114,633
27
187
321

This just gives me Server Error 401 - Unauthorized: Access is denied due to invalid credentials. – Artemis May 23 '13 at 08:49
3

Is IIS configured to use Windows authentication and do you have `` in the web.config? – Joe May 23 '13 at 08:55
Yes and Yes. This is just weird. My other application has the same code. And it works fine there. – Artemis May 23 '13 at 09:01
Uh oh! So I was stupid and I really did forget to configure the IIS Authentication. I just thought I already did it but not. – Artemis May 24 '13 at 10:56
2

And what configuration did you use? – Tommy Dec 10 '13 at 16:05

score 0 · Answer 2 · edited May 23 '17 at 11:58

0

If you are using Windows authetication with IIS Express, make sure you have in C:\Users\[username]\Documents\IISExpress\config\applicationhost.config .

Check related question: IIS Express gives Access Denied error when debugging ASP.NET MVC

edited May 23 '17 at 11:58

Community

1
1

answered Jul 14 '14 at 11:28

jumxozizi

562
8
19

Why does System.Web.HttpContext.Current.User.Identity.Name return an empty string?

2 Answers2