C
cmrchs
hello,
I have problems understanding Authentication / Authorisation in
ASP.NET 2.0.
I have a simple WhoAmI.aspx page
protected void Page_Load(object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
lblAuthentication.Text = "Authenticated user: " +
User.Identity.Name;
else
lblAuthentication.Text = "User not authenticated.
Anonymous access";
lblIdentity.Text = "Windows identity: " +
WindowsIdentity.GetCurrent().Name;
} // Page_Load()
Settings in web.config are as follows:
<authentication mode="Windows" />
<identity impersonate="false" />
<authorization>
<allow users="*" />
</authorization>
IIS 7.0 has Anonymous Authentication enabled
I log in as Chris (administrator of the machine), and browsing to the
page the output is:
Authenticated user: MyPC\Chris
Windows identity: MyPC\Chris
Additionally checking for
_windowsPrincipal.IsInRole(WindowsBuiltInRole.Administrator)
i get TRUE
Then, I create a new administrator user called 'Bob'
I am using Windows Vista Home Premium so I can switch to user Bob and
when browsing to the same page i get a completely different result
namely:
User not authenticated. Anonymous access
Windows identity: NT AUTHORITY\NETWORK
how come???
Checking for
_windowsPrincipal.IsInRole(WindowsBuiltInRole.Administrator)
i get FALSE ???
what is happening here?
thank you
Chris
I have problems understanding Authentication / Authorisation in
ASP.NET 2.0.
I have a simple WhoAmI.aspx page
protected void Page_Load(object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
lblAuthentication.Text = "Authenticated user: " +
User.Identity.Name;
else
lblAuthentication.Text = "User not authenticated.
Anonymous access";
lblIdentity.Text = "Windows identity: " +
WindowsIdentity.GetCurrent().Name;
} // Page_Load()
Settings in web.config are as follows:
<authentication mode="Windows" />
<identity impersonate="false" />
<authorization>
<allow users="*" />
</authorization>
IIS 7.0 has Anonymous Authentication enabled
I log in as Chris (administrator of the machine), and browsing to the
page the output is:
Authenticated user: MyPC\Chris
Windows identity: MyPC\Chris
Additionally checking for
_windowsPrincipal.IsInRole(WindowsBuiltInRole.Administrator)
i get TRUE
Then, I create a new administrator user called 'Bob'
I am using Windows Vista Home Premium so I can switch to user Bob and
when browsing to the same page i get a completely different result
namely:
User not authenticated. Anonymous access
Windows identity: NT AUTHORITY\NETWORK
how come???
Checking for
_windowsPrincipal.IsInRole(WindowsBuiltInRole.Administrator)
i get FALSE ???
what is happening here?
thank you
Chris