Web.HttpContext.Current.User.Identity.Name is blank

D

Dan Bart

I am using an application which is a modification of IBuySpy Portal.
It is using Forms authentication. Users login and their name is added
to
Context
Then I use:

Web.HttpContext.Current.User.Identity.Name

to write audit trail as to what users do. Now recently on one of the
activities I noticed that the

Web.HttpContext.Current.User.Identity.Name was blank. Which should not
have been possible?

Can someone please tell me why this could have happened? And how I can
prevent this?



Thanks,



db
 
T

Teemu Keiski

And it is put to the Context on every request i.e user is athenticated with
forms auth and then in Application_AuthenticateRequest you populate the
HttpContext with the Principal? I am asking because HttpContext is recreated
for every request which means that user details must also.
 
A

Andrea D'Onofrio [MSFT]

To populate the LOGON_USER variable when you use any authentication mode
other than None, you can deny access to the Anonymous user in the
<authorization> section of the Web.config file and change the authentication
mode other then None.

NOTE: When you enable Anonymous authentication in conjunction with Windows
authentication <or> if you grant access to the Anonymous user in the
<authorization> section while you are using any authentication mode other
than None, other server variables such as AUTH_USER and REMOTE_USER (as well
as the HttpContext.Current.User.Identity.Name property) also return an
empty string. You can use the any of the above-mentioned resolutions to
populate these variables.

Please refer to this public article for any additional details:
306359 PRB: Request.ServerVariables("LOGON_USER") Returns Empty String in
http://support.microsoft.com/?id=306359

HtH,
Andrea

--
This posting is provided "AS IS" with no warranties, and confers no rights.

Pete said:
Hi Dan,

I notice this behaviour too but only after the initial authentication
request. Subsequent requests contain the expected user name.

--
Cheers

Pete

XBOX Live Leagues & Tournaments
http://www.xboxracing.net/
Click to expand...
addedcontext that the code is running under. Context.User.Identity is the
user that asp.net recognizes - and this is not always the same. In
particular, if impersonation is off you'll get the app pool identity (or
ASPNET in IIS5) for WindowsIdentity; User.Identity will give the user name
regardless of impersonation.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Using netrc when user password is blank 0
User.Identity.Name is blank 2
user context goes blank 0
Returning value is blank 19
Why is AddRelativeForce not adding force to player? 1
I used defaultdic to store some variables but the output is blank 3
Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
smtp - from field shows up blank in client 8

Members online

No members online now.
Total: 40 (members: 1, guests: 39)
Robots: 473

Forum statistics

Threads
473,769
Messages
2,569,580
Members
45,054
Latest member
TrimKetoBoost

Latest Threads

Top