I’m creating an intranet web-application in an IE shop and I’m looking to retrieve the user’s logged-in computer username without prompting for a username/password combination. This is easy, until the application is placed on a webserver. It seems that every combination I try from here on in results in either a null string or prompting for login information.
I have defined:
<authentication mode="Windows"/>
<identity impersonate="true"/>
And I’m trying these options:
Response.Write("HttpContext: " & HttpContext.Current.User.Identity.Name & " \n")
Response.Write("Windows Identity: " & WindowsIdentity.GetCurrent.Name & " \n")
Response.Write("Thread: " & Thread.CurrentPrincipal.Identity.Name & " \n")
Response.Write(Request.ServerVariables("LOGON_USER"))
Response.Write(User.Identity.Name)
None of these with any combination of IIS settings seems to be working for me. Have I taken the wrong approach? Is this possible? How can I solve this?
Whenever I switch my IIS to use Windows Integrated Authentication, it prompts me for a username/password. Why is this? How can I stop it?
An example of what I want (if it’s not clear), is
DOMAINNAME/USERNAME
or
HOME/CHARLIE
Make sure that the server(s) that host your application are in the Intranet zone under IE’s security settings; by default, IE doesn’t automatically send Windows authentication credentials to sites in other zones. You may also need to add your site’s hostname(s) to the Trusted sites zone.
If your website is something like intranet.mydomain.com and your users are authenticating against an Active Directory server for mydomain.com, this will happen automatically; otherwise, you’ll need to modify IE’s settings, or host your app on a server that’s a member of your Active Directory domain.