What are the differences (behind the scenes) between Page.User.Identity and Request.LogonUserIdentity? Not the differences in type, name, etc but the differences in how they're implemented behind the scenes (i.e. one calls windows xxx api and the other calls asp.net xxx api...).
View 1 RepliesI was/am struggling with security for my first MVC applicaiton. It worked out great for me, but not for my users. I wanted to use Windows Authentication (and I seem to have that working). But when I was still trying to implement it, I was on one of our users computers where they were logged in. I navigated to the main Index page and used the supplied MVC login link and *MY* credentials. So now every time that user navigates to that page, it logs her in as me. We are using IE8, I have deleted all the cookies, passwords, forms information I can fine through Tools|Internet Options|Tool|Content|AutoComplete.
View 6 RepliesI have IIS on S2k8 and a website with Windows Authentication only.
I can easily reproduce the following scenario, where HttpContext.Current.Request.LogonUserIdentity.Name has a bad value:
Login to website using FireFox, using an Active Directory account "user" (I could use IE to reproduce the same, but it's a few extra steps)Display <%=System.Web.HttpContext.Current.Request.LogonUserIdentity.Name%> on the pageIt shows "DOMAINuser", which is correctI go into Active Directory and rename the account to be "userX" instead of "user" (both SAMAccountName & UPN)Restart FireFoxLogin to website using "userX" accountThe page still shows "DOMAINuser", instead of the expected "DOMAINuserX"
It seems almost as if IIS has cached the old username and it's not showing me the new one, even though I explicitly enter it in the login prompt.
I have an ASP.NET app that logs Audit reports using nHibernate's IPreUpdateListener. In order to set the current user in the Listener events, I was using System.Security.Principal.WindowsIdentity.GetCurrent(). This works fine when debugging on my machine, but when I move it to the staging server, I'm getting the ASP.NET process credentials, not the requesting user.
In the ASP.NET page, I can use Request.LogonUserIdentity (which works fine since I'm using integrated authentication), but how do I reference this user directly without having to pass it directly to my event? I don't want to have to pass this info through the pipeline because it really doesn't belong in the intermediate events/calls.
I am building a simple intranet site and want to get the employees user name, but when i use Request.LogonUserIdentity.Name , i keep getting the servers credentials and not the users. what am i doing wrong and is there a better way to do this.
View 1 RepliesI have a feeling that Request.ServerVariables("AUTH_USER") and User.Identity.Name return the same string while using FormsAuthentication.So my question is as simple as that. Which one should i better use?
View 1 RepliesI have implemented Forms authentication in an ASP.NET MVC 2 website
By using <%: Page.User.Identity.Name %> on the Site.Master page I can display the userid of the logged in user.
I would like to use this value and display other information about the user that is stored in a User table in a MsSQL database, like:
<%: GetFirstname(Page.User.Identity.Name) %>
What is the difference between Request.RawUrl and Request.Url in ASP.NET?
View 3 Replies Is there a simple way to just retrieve the user's name, and not the Domain name, when using this function:
string quizTaker = Page.User.Identity.Name.ToString();
Right now it returns "DOMAIN_NAMEUserName"
I would like to just use isolate and use the user's name, without the Domain name.
Web pages are, by nature, state-less objects. When you click from page to page in an ASP.net application, each request for a page is treated as a brand-new request. We use things like cookies, session-variables, and query strings to maintain state from page to page.
When you log in to an ASP.net web application using Windows Authentication, how does IIS persist your identity between pages?
I'm trying to access User.Identity from my master page so I can figure out which user is logged in, however I can't get it to work. If I import System.Security.Principal in my master page it makes no difference:
<%@ Import Namespace="System.Security.Principal" %>
I can access it fine if I try within a Controller.
In IIS 7.5 server I have a website apps.mydomain.com. Site binding for this website is:
IP: All Unassigned
Port: 80
Host name: apps.mydomain.com
In DNS there is an ip address pointing to apps.mydomain.com. Site comes up fine when browsing to this hostname.
I want to get current windows logged in username from asp.net web apps. I enabled windows authentication and disabled anonymous. Using this ASP.Net code to test:
Response.Write(Page.User.Identity.Name);
However, browsing to http://apps.mydomain.com/site/ the application pool identity shows as the Page.User.Identity.Name value and not the current windows logged in username.
If I browse to http://servername/site/ then Page.User.Identity.Name will return current windows logged in username.
Is there something else I need to configure to get the current windows logged in username when using host header?
web.config:
<?xml version="1.0"?>
<configuration>
<system.web>
<authentication mode="Windows"/>
</system.web>
</configuration>
App pool config (left out "handlers" for brevity, there's a 30000 char limit):
[Code]....
When I use a Master Page with a Content Page, in the Content Page script I find that User object is defined, with Identity and IsInRole properties. However, when I enter script on the Master Page itself User comes up as "not declared".
I am guessing that User is embedded in some namespace that is automatically imported to Content pages, but haven't been able to track it down.
I have an aspx page which displays a user's details in a Label. It takes their User.Identity.Name and queries Active Directory using the following code:
[Code]....
In this code Page.User.Identity.Name is null
[Code]....
I thought the Name always was set when user was Authenticated?
If this is not the case, how should I do instead?
I want to set identity for a non web request. Currently I am using FormsAuthentication and I am getting user identity via this User.Identity.Name .
Now I have to make the user login via API. I have the username/password for the user, how can I set the identity for this.
Probably one of those things you know and use every day without thinking what it is:
Do you think Component based frameworks are better than Action/Request based web frameworks?
From the naming I think I'm using both (of course, I must be wrong if things are asked like this).
My web front-end (Pages and Code behind / Views and Controllers) are Request/Action while my other layers are Component based...no?
Or does this apply to specific frameworks or ways doing things?
What is the best sequence order for Page.IsPostBack and User.Identity.IsAuthenticated? From what I have search for, this comes up most common:
If Not Page.IsPostBack Then
If User.Identity.IsAuthenticated Then
~Some kind of code~
End If
End If
Is this considered "best practice" or can the two items - Page.IsPostBack and User.Identity.IsAuthenticated -be split into their own sections so the fuctions of these can be independent of each other?I am trying to troubleshoot a placeholder that disappears from a master page when a content page button is pressed to change the content pages active view (I have a multiview w/ 5 views inside of it).
I have a FormView and the SELECT statement I have is as follows:
SelectCommand="SELECT [UserName], [Full_Name_1], [Full_Name_2], [Email], [Address], [City], [State], [Zip_Code], [Home_Phone], [Cell_Phone] FROM [Homeowners] WHERE ([UserName]='<%$ User.Identity.Name %>')"... but it results in the FormView disappearing from the web page. Note: at the top of the page,
<%= user.identity.name %> displays the name fine, so user.identity.name does contain the info I'm looking for.I am trying to figure out how to correctly format the SELECT filter to feed user.identity.name to the SELECT statement as a filter. ... or if there is an alternative way.
i have Using aspnetmembership
i want to know how i can ReNew The Life Time Of Page.User.Identity.UserId Session, , how i can increase the Time Of this session ??
i want this scenario in case when the user LogOn for 15 minutes , then the page refreshed ,then renew the TimeOut Of Session by adding addtional 15 minutes and so on
note that im using Page.User.Identity.UserId Session
In IIS Manager center pane, there is an icon titled "Authentication" as follows: Clicking the icon, we get 3 items as follows: Right clicking the Anonymous Authentication and select edit, we have: Question: which one should I use? What is the difference?
View 3 Repliesthis works fine on my local site but as soon as i upload the site to my live server i get stem.NullReferenceException: Object reference not set to an instance of an object
on the first line of this:
if (!Page.User.Identity.IsAuthenticated)
{
pnlSignIn.Visible = true;
pnlSignOut.Visible = false;
}
I'm using the MVC2 framework and one of my views has a bit of conditional logic that gets the Page.User.Identity object and does a comparison with other values to determine what to display.That all works fine on the initial page load, but when I make an AJAX call to get partial page updates (I'm doing this all manually with YUI3, not the .NET AJAX stuff) the Page.User object is always null.
View 1 Repliesget the below error. My application was working fine until I probably modified something, but don't know what.
Server Error in '/' Application.
Method is only supported if the user name parameter matches the user name in the current Windows Identity.
Description: An unhandled exception occurred during the execution of the current web request. review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Configuration.Provider.ProviderException: Method is only supported if the user name parameter matches the user name in the current Windows Identity.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[ProviderException: Method is only supported if the user name parameter matches the user name in the current Windows Identity.]
System.Web.Security.WindowsTokenRoleProvider.GetCurrentWindowsIdentityAndCheckName(String userName) +2195661
System.Web.Security.WindowsTokenRoleProvider.GetCurrentTokenAndCheckName(String userName) +36
System.Web.Security.WindowsTokenRoleProvider.GetRolesForUser(String username) +61
System.Web.Security.RolePrincipal.IsInRole(String role) +182....
i want to use dataset , or any thing ... to display Sum * where user= user.identity.name(not use gridvew, or formview) because i have more then 100 columns . i m newbie. realy , 1 month, it not solve, sometime , i want to give up
View 3 Replies