Windows Authentication - Getting Client Info

Discussion in 'ASP .Net Security' started by Bari Allen, Oct 3, 2005.

  1. Bari Allen

    Bari Allen Guest

    I have a very simple ASP.NET page, to test windows authentication. Here's
    the dilemma:

    System.Security.Principal.WindowsIdentity.GetCurrent
    returns
    MyWebServerName\IUSR_ ...

    when what I want is the CLIENT's:
    WindowsDomain\WindowsLogin

    How do I retrieve the client info, so I can use it for impersonation? Thank
    you in advance.

    Bari
    Bari Allen, Oct 3, 2005
    #1
    1. Advertising

  2. Hello Bari,

    this looks like you are

    a) already impersonating (look in web.config for <identity impersonate="true"
    />)
    b) have anonymous authentication enabled


    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > I have a very simple ASP.NET page, to test windows authentication.
    > Here's the dilemma:
    >
    > System.Security.Principal.WindowsIdentity.GetCurrent
    > returns
    > MyWebServerName\IUSR_ ...
    > when what I want is the CLIENT's:
    > WindowsDomain\WindowsLogin
    > How do I retrieve the client info, so I can use it for impersonation?
    > Thank you in advance.
    >
    > Bari
    >
    Dominick Baier [DevelopMentor], Oct 3, 2005
    #2
    1. Advertising

  3. Bari Allen

    Bari Allen Guest

    Thanks for your quick reply Dominick,

    Yes, I do have
    <identity impersonate="true"/>

    I also have
    <authentication mode="Windows" />

    so shouldn't it be looking to the client rather than grabbing an anonymous
    setting of some type?

    How do I check for "anonymous" authentication? And how/what should it be if
    that's the setting. Please forgive my ignorance, here, as security is a
    whole new topic for me.

    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Bari,
    >
    > this looks like you are
    >
    > a) already impersonating (look in web.config for <identity

    impersonate="true"
    > />)
    > b) have anonymous authentication enabled
    >
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    > > I have a very simple ASP.NET page, to test windows authentication.
    > > Here's the dilemma:
    > >
    > > System.Security.Principal.WindowsIdentity.GetCurrent
    > > returns
    > > MyWebServerName\IUSR_ ...
    > > when what I want is the CLIENT's:
    > > WindowsDomain\WindowsLogin
    > > How do I retrieve the client info, so I can use it for impersonation?
    > > Thank you in advance.
    > >
    > > Bari
    > >

    >
    >
    Bari Allen, Oct 3, 2005
    #3
  4. Bari Allen

    Bari Allen Guest

    Nevermind, Dominick--I just realized IIS. Thank you.

    "Bari Allen" <> wrote in message
    news:...
    > Thanks for your quick reply Dominick,
    >
    > Yes, I do have
    > <identity impersonate="true"/>
    >
    > I also have
    > <authentication mode="Windows" />
    >
    > so shouldn't it be looking to the client rather than grabbing an anonymous
    > setting of some type?
    >
    > How do I check for "anonymous" authentication? And how/what should it be

    if
    > that's the setting. Please forgive my ignorance, here, as security is a
    > whole new topic for me.
    >
    > "Dominick Baier [DevelopMentor]" <>
    > wrote in message news:...
    > > Hello Bari,
    > >
    > > this looks like you are
    > >
    > > a) already impersonating (look in web.config for <identity

    > impersonate="true"
    > > />)
    > > b) have anonymous authentication enabled
    > >
    > >
    > > ---------------------------------------
    > > Dominick Baier - DevelopMentor
    > > http://www.leastprivilege.com
    > >
    > > > I have a very simple ASP.NET page, to test windows authentication.
    > > > Here's the dilemma:
    > > >
    > > > System.Security.Principal.WindowsIdentity.GetCurrent
    > > > returns
    > > > MyWebServerName\IUSR_ ...
    > > > when what I want is the CLIENT's:
    > > > WindowsDomain\WindowsLogin
    > > > How do I retrieve the client info, so I can use it for impersonation?
    > > > Thank you in advance.
    > > >
    > > > Bari
    > > >

    > >
    > >

    >
    >
    Bari Allen, Oct 3, 2005
    #4
  5. Bari Allen

    Salah Mrad Guest

    Can you help me?
    I have the same problem, and i couldn't solve it, so if you got the solution
    would you please put it in your reply?

    it is very very important....
    Thanks in advance.
    Salah Mrad, Jul 20, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Vasanth
    Replies:
    0
    Views:
    547
    Vasanth
    Jun 28, 2004
  2. Andrea Williams

    Clear the Render info & change to different info

    Andrea Williams, Oct 27, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    1,413
    Ken Dopierala Jr.
    Oct 27, 2004
  3. Bolin
    Replies:
    3
    Views:
    320
    Bengt Richter
    Nov 10, 2004
  4. Kiran
    Replies:
    0
    Views:
    1,221
    Kiran
    Feb 6, 2005
  5. C Trailer

    Windows authentication and user info

    C Trailer, Oct 5, 2005, in forum: ASP .Net Security
    Replies:
    3
    Views:
    132
    Joe Kaplan \(MVP - ADSI\)
    Oct 6, 2005
Loading...

Share This Page