Home/ Questions/Q 6963609
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T15:48:56+00:00

In the web.config: <configuration> <authentication mode=Windows> </authentication> <authorization> <deny users=? /> </authorization> </configuration> in

  • 0

In the web.config:

<configuration>
    <authentication mode="Windows">
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>
</configuration>

in global.asax

protected void Application_AuthenticateRequest(object sender, EventArgs args)
{
    tracker.LogRequest(HttpContext.Current.User, DateTime.Now)
    ///THIS IS ALWAYS NULL!!!
}

I am just really confused by this, any ideas?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I think this is a symptom of listening on the wrong event. You should probably listen for Application.PostAuthenticateRequest.

    Running a sample piece of code using a project I have that authenticates against my local domain’s Active Directory to ask if the User object is nothing:

    Code

    Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs)
    Debug.WriteLine("Authenticate Request: " & (HttpContext.Current.User Is Nothing))
End Sub

Sub Application_PostAuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs)
    Debug.WriteLine("Post-authenticate Request: " & (HttpContext.Current.User Is Nothing))
End Sub

    Output

    Authenticate Request: True

    Post-authenticate Request: False

    Following the PostAuthenticateRequest event, the HttpContext.Current.User.Identity property is an instance of System.Security.Principal.GenericIdentity for unauthenticated requests.

    • 0