System.Security.Principal.WindowsIdentity.GetCurrent()

[Jeremy Chapman]

I have a web application which calls a web service, which calls a method in
an assembly of it's bin directory.
The web application and web service use windows authentication with windows
impersonation set in the web.config files. In IIS, these virtual
directories have anonymous access turned off.

I am debugging, and stepping through all the code, If I inspect
System.Security.Principal.WindowsIdentity.GetCurrent().Name I will see my
windows account name and domain in both the web application and the web
service. But when I step into the code in the assembly being called by the
web service, the System.Security.Principal.WindowsIdentity.GetCurrent().Name
contains my machine name. Why would code in the assembly run under a
different context?

 

[Nicole Calinoiu]

How are you invoking the code in the assembly that is "called by the web
service"?

 

[Jeremy Chapman]

I reference the assembly from my web service project, and in the code of the
web method, I instatiate a class contained in that assembly and do a method
call.

 

[Nicole Calinoiu]

Unless you've got a RevertToSelf or impersonation in there somewhere, this
is pretty odd since the code is presumably executing in the context of the
web service process. Might you be able to provide a simple sample (à la
http://www.yoda.arachsys.com/csharp/complete.html) that duplicates the
problem?