Application.UserIdentity & Application.User

Answered
0
0

I am struggling to understand something.

I have an intranet-based application and IIS is set to deny anonymous access at all levels

However

Application.UserIdentity always returns the correct Windows User.

Application.User always returns the Anonymous user

If I put the below in the web config the application will not connect at all

<authorization>
<deny users=”?”/>
</authorization>

Could someone explain what is going on?

  • You must to post comments
Good Answer
0
0

Hi Ewan

Did you try adding roles to allow your users to connect to your app?

The configuration you did would deny any access to your application, you should atleast define certain roles for your users to allow them to connect.

For more info, you can head over to Microsoft’s Documentation | Authorization for more details.

As for the difference between Application.User and Application.UserIdentity is the following:

The User property simply gives you “security” information, such as the user’s SID.

The UserIdentity however would return the WindowsIdentity type related to the user currently connected to the client.

You can read about them over at Microsoft’s Documentations: WindowsIdentity ClassIPrincipal Interface

HTH,
Alaa

//

  • You must to post comments
0
0

Impersonation only works if the client user machine and the server are on the same AD. It’s a Windows feature. You can also start impersonation in your app.

https://learn.microsoft.com/en-us/dotnet/api/system.security.principal.windowsidentity.impersonate?view=netframework-4.8

Wisej.NET doesn’t and can’t change the way IIS and Windows manage authentication. What you find in User and UserIdentity is what is returned by ASP.NET and IIS.

  • You must to post comments
0
0

I have tracked this down to a setting in Default.Json namely Impersonate = true

Given the web config is set up correctly for impersonation, it appears remote logins (and local logins in some cases), fail to pick up the correct user when this is set in default.json in addition, (in verson 3.0.17) with the anonymous user being picked instead, despite the anonymous user being filtered out in the web config file.

If I remove this line from Default.json everything works again.

As it was not happening before; I am not sure whether this is a bug.

Also is it possible to define default Windows credentials in default.json, to avoid remote user’s needing to log on by entering their windows credentials?

Attempting to set this in the web config will not work.

Many Thanks

  • You must to post comments
Showing 3 results
Your Answer

Please first to submit.