What's the difference in an asp.NET environment with Windows Authentication and Identity Impersonation turned on, between HttpContext.Current.User.Principal and WindowsIdentity.GetCurrent()?
Asked
Active
Viewed 2.2k times
12
-
Although this question has already been answered, I found out that [this](http://forums.asp.net/t/1507047.aspx?WindowsIdentity%20GetCurrent%20Name%20vs%20User%20Identity%20Name) and [this link](http://msdn.microsoft.com/en-us/library/aa302377.aspx) answered it more clearly. – chenz Feb 24 '14 at 03:48
1 Answers
16
According to this forum on WindowsIdentity.GetCurrent().Name vs. User.Identity.Name:
User.Identity.Namerepresents the identity passed from IIS.WindowsIdentity.GetCurrent().Nameis the identity under which the thread is running.
Depending on your app's authentication settings in IIS, they will return different values:
| Anonymous | Impersonate | User.Identity.Name | WindowsIndentiy.GetCurrent() |
|-----------|-------------|--------------------|-------------------------------|
| Yes | True | Empty String | IUSR_<machineName> |
| Yes | False | Empty String | NT Authority\Network Service |
| No | True | domain\user | domain\user |
| No | False | domain\user | NT Authority\Network Service |
Legend:
- Where domain\user will show up as:
- domain\user for Active Directory
- machineName\userName for local account
- Where NT Authority\Network Service will show up as:
- NT Authority\Network Service for Windows Server or ASP.NET
- machineName\ASPNET_WP for Windows XP
KyleMit
- 30,350
- 66
- 462
- 664