asp.net - Current windowsidentity same as currentrequest user identity with windows authentication -
i have weird issue windows authentication. have asp.net webforms application in have single folder uses windows authentication. folder correctly configured windows authentication in iis. application uses .net impersonation via web.config. when navigate page in folder using windows authentication the:
- system.web.httpcontext.current.user.identity.name returns name of user doing request (this expected)
- system.security.principal.windowsidentifier.getcurrent.name returns name of user under application runs (this expected)
now have been working on new version of our product long time. , find out behavior has changed. when perform same test again both httpcontext user name , principal.windowsidentity.getcurrent return name of user performing request.
we have checked relevant code , cannot seem find difference has behavior. converted application .net 4.0 .net 4.5.2 in new version, however, when convert old version .net 4.5.2, behavior stays correct (the 2 properties show different identity) doesn't seem difference.
any thoughts on cause of behavior?
edit: debugging tells me identity has wrong value when executing global.asax prerequesthandler. in beginrequest impersonation of web site has not been performed, , current identity app pool identity
edit2: seems server specific. reason old version works correctly on develop machines, new version doesn't. however, new version work correctly on deployment servers (our daily builds). has pointers possible cause?
right, found issue. problem iis added web.config folder using windows authentication, in enabled impersonation on folder. when both windows authentication , impersonation enabled on same folder, behavior both windows identity , request identity same user correct.
the situation needed can achieved enabling windows authentication, disabling impersonation on folder. in case windows identity default web site's user, , request identity windows identity of user accessing page
Comments
Post a Comment