How does HttpContext.Current.User.Identity.Name know which usernames exist?

c# asp.net httpcontext
139,403

Solution 1

The HttpContext.Current.User.Identity.Name returns null

This depends on whether the authentication mode is set to Forms or Windows in your web.config file.

For example, if I write the authentication like this:

<authentication mode="Forms"/>

Then because the authentication mode="Forms", I will get null for the username. But if I change the authentication mode to Windows like this:

<authentication mode="Windows"/>

I can run the application again and check for the username, and I will get the username successfully.

For more information, see System.Web.HttpContext.Current.User.Identity.Name Vs System.Environment.UserName in ASP.NET.

Solution 2

For windows authentication

select your project.

Press F4

Disable "Anonymous Authentication" and enable "Windows Authentication"

enter image description here

Solution 3

How does [HttpContext.Current.User] know which usernames exist or do not exist?

Let's look at an example of one way this works. Suppose you are using Forms Authentication and the "OnAuthenticate" event fires. This event occurs "when the application authenticates the current request" (Reference Source).

Up until this point, the application has no idea who you are.

Since you are using Forms Authentication, it first checks by parsing the authentication cookie (usually .ASPAUTH) via a call to ExtractTicketFromCookie. This calls FormsAuthentication.Decrypt (This method is public; you can call this yourself!). Next, it calls Context.SetPrincipalNoDemand, turning the cookie into a user and stuffing it into Context.User (Reference Source).

Solution 4

Assume a network environment where a "user" (aka you) has to logon. Usually this is a User ID (UID) and a Password (PW). OK then, what is your Identity, or who are you? You are the UID, and this gleans that "name" from your logon session. Simple! It should also work in an internet application that needs you to login, like Best Buy and others.

This will pull my UID, or "Name", from my session when I open the default page of the web application I need to use. Now, in my instance, I am part of a Domain, so I can use initial Windows authentication, and it needs to verify who I am, thus the 2nd part of the code. As for Forms Authentication, it would rely on the ticket (aka cookie most likely) sent to your workstation/computer. And the code would look like:

string id = HttpContext.Current.User.Identity.Name;

// Strip the domain off of the result
id = id.Substring(id.LastIndexOf(@"\", StringComparison.InvariantCulture) + 1);

Now it has my business name (aka UID) and can display it on the screen.

Solution 5

Also check that

<modules>
      <remove name="FormsAuthentication"/>
</modules>

If you found anything like this just remove:

<remove name="FormsAuthentication"/>

Line from web.config and here you go it will work fine I have tested it.

Share:
139,403

Related videos on Youtube

Srb1313711
Author by

Srb1313711

Web Dev

Updated on July 09, 2022

Comments

  • Srb1313711
    Srb1313711 almost 2 years

    This is not necessarily an issue, I am just curious as to how it works. I have a method:

    public static bool UserIsAuthenticated()
{
    bool isAuthed = false;
    try
    {
        if (HttpContext.Current.User.Identity.Name != null)
        {
            if (HttpContext.Current.User.Identity.Name.Length != 0)
            {
                FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity;
                FormsAuthenticationTicket ticket = id.Ticket;
                isAuthed = true;
                string MyUserData = ticket.UserData;
            }
        }
    }
    catch { } // not authed
    return isAuthed;
}

    The HttpContext.Current.User.Identity.Name returns null if the user does not exist, but how does it know which usernames exist or do not exist?

    • Liath
      Liath over 10 years
      Is the user authenticated?
  • Srb1313711
    Srb1313711 over 10 years
    Thanks for the answer but my method in question works my question is how? I dont understand how HttpContext.Current.User.Identity.Name is set?
  • TylerH
    TylerH about 4 years
    This does not seem to address the question "how does HttpContext know which usernames exist?"
  • TylerH
    TylerH about 4 years
    This does not seem to address the question "how does HttpContext know which usernames exist?".

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Alternatives to Response.TransmitFile()
How to initialise a custom HTTP Context or HttpContextBase
Can we use Response.Flush () instead of Response.End()
Determine the URL hostname without using HttpContext.Current?
HttpContext.Current not Resolving in MVC 4 Project
HttpContext.Current.Request.Url.Host what it returns?
Read Http Request into Byte array
Why is HttpContext.Current null?
Get current System.Web.UI.Page from HttpContext?
Remove HttpContext.Current.Session