6

I enabled impersonation and Windows authentication.

<authentication mode="Windows" />
<identity impersonate="true" userName="name" password="passord"/>

But Thread.CurrentPrincipal.Identity.Name returns the name of authenticated user and WindowsIdentity.GetCurrent() returns impersonated identity.

Shouldn't these identities be the same?

And under which credentials does the code run in this case?

Jason Aller
  • 3,391
  • 28
  • 37
  • 36
Pavel Voronin
  • 11,811
  • 6
  • 54
  • 113

1 Answers1

11

As far as I can understand the Thread.CurrentPrincipal contains the information of conditions the thread has been started with, including the WindowsIdentity. That's why Thread.CurrentPrincipal.Identity.Name returns the name of User who started the thread. To the contrary WindowsIdentity.GetCurrent() Returns a WindowsIdentity object that represents the current Windows user, which has been changed via Impersonation. I'm not 100% sure about it, but that's how I think it works.

Simon
  • 30,844
  • 15
  • 120
  • 187
Andrei Zubov
  • 568
  • 4
  • 14
  • 3
    Works exactsly as you told. Thread.CurrentPrincipal is set as the result of authentication. Be it Basic, Digest, Windows or Forms authentication. This principle in nothing more than a ticket recieved form user. And WindowsIdentity related to running thread and process. If only Windows auth. is enabled and impersonation is on then identities will be the same. If anonymous login is enabled then CurrentPrinciple.Identity has empty name. – Pavel Voronin Aug 14 '13 at 14:06