aqunix
asked on
Get Current Logged on User Username
I am new to ASP.NET , but I am an Expert in ASP classic
I am developing and ASP application that integrates with Active Directory.
I am stuck at a point:
- I have an Active Directory Machine , Lets Say ( MyDomain )
- And I have a Web server on a different Machine.
- and I have a stand alone client Machine Logged in using an Active Directory Account.
I need the Following :
Once I load a page it will get my Current Login Name , since I am already logged in. and search in Active Directory.
Then it will give me my Full Name.
-------------------------- ---------- ------
I have tried the Request.ServerVariables("L OGON_USER" ) where it returns nothing.
-------------------------- ---------- ------
- I have Cleard the Check Box in the IIS for the Anonymous user
- I have made sure that the Integrated Windows Authentication is checked.
But when I try to view the site , it is asking me to Enter a user name & Password. [ I DO NOT WANT TO ENTER MY USERNAME & PASSWORD AGAIN ]
and Also this can be solved by Entering the site in the Local Intranet trusted Zone in the Internet Explorer.
But also I don't want this too.
-------------------------- ---------- --------
I have read some articles on the web that this senario can be done using the Web.Config file.
-------------------------- ---------- -------
What I am planning to do is : use One Page to get the username , then the Full Name from the Active Directory using ASP.NET.
Then I will load these valuse in a Session Variable
after that I will continue my ASP Classic Application.
any URGENT HELP & REPLY is highly apreciated.
I am developing and ASP application that integrates with Active Directory.
I am stuck at a point:
- I have an Active Directory Machine , Lets Say ( MyDomain )
- And I have a Web server on a different Machine.
- and I have a stand alone client Machine Logged in using an Active Directory Account.
I need the Following :
Once I load a page it will get my Current Login Name , since I am already logged in. and search in Active Directory.
Then it will give me my Full Name.
--------------------------
I have tried the Request.ServerVariables("L
--------------------------
- I have Cleard the Check Box in the IIS for the Anonymous user
- I have made sure that the Integrated Windows Authentication is checked.
But when I try to view the site , it is asking me to Enter a user name & Password. [ I DO NOT WANT TO ENTER MY USERNAME & PASSWORD AGAIN ]
and Also this can be solved by Entering the site in the Local Intranet trusted Zone in the Internet Explorer.
But also I don't want this too.
--------------------------
I have read some articles on the web that this senario can be done using the Web.Config file.
--------------------------
What I am planning to do is : use One Page to get the username , then the Full Name from the Active Directory using ASP.NET.
Then I will load these valuse in a Session Variable
after that I will continue my ASP Classic Application.
any URGENT HELP & REPLY is highly apreciated.
ASKER
This is good step.
But as I told you before I am an Expert in ASP Classic and I am new to ASP.NET
- now how to read the current Logon User in ASP.NET ?
- then shloud I use my reqular ASP code to get user info from the active Directory ?
But as I told you before I am an Expert in ASP Classic and I am new to ASP.NET
- now how to read the current Logon User in ASP.NET ?
- then shloud I use my reqular ASP code to get user info from the active Directory ?
You need to use the Page.UserIdentity method.
have a look at http://www.eggheadcafe.com/articles/20050703.asp
good tutorial
have a look at http://www.eggheadcafe.com/articles/20050703.asp
good tutorial
ASKER
can use send me a complete working code :o)
It's pretty straightforward
C#
string _user = Page.User.Identity.Name;
string _window = System.Security.Principal. WindowsIde ntity.GetC urrent().N ame;
string _thread = System.Threading.Thread.Cu rrentPrinc ipal.Ident ity.Name;
VB.NET
Dim _user as string = Page.User.Identity.Name
Dim _window as string = System.Security.Principal. WindowsIde ntity.GetC urrent().N ame
Dim _thread as string = System.Threading.Thread.Cu rrentPrinc ipal.Ident ity.Name
Work from there, and let me know if you have any problems.
C#
string _user = Page.User.Identity.Name;
string _window = System.Security.Principal.
string _thread = System.Threading.Thread.Cu
VB.NET
Dim _user as string = Page.User.Identity.Name
Dim _window as string = System.Security.Principal.
Dim _thread as string = System.Threading.Thread.Cu
Work from there, and let me know if you have any problems.
ASKER
I told you I am new to ASp.NET
can you send it in full page :o)
<%@ Page Language="VB" %>
.
.
.
</body
</html>
can you send it in full page :o)
<%@ Page Language="VB" %>
.
.
.
</body
</html>
Don't forget to turn of anonymous access in IIS, else it possibly still not works.
ASKER
I did turn it OFF, but still once I request the site from the client .
I got the Windows Popup to enter the Username & Password.
I don't want to see this screen
I got the Windows Popup to enter the Username & Password.
I don't want to see this screen
ASKER
I have been told that I should Enter a valied Active Directory Account username & Password in the Web.config
But where and how to ?
But where and how to ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to enable ASPX debugging. Otherwise, setting this value to
false will improve runtime performance of this application.
Set compilation debug="true" to insert debugging symbols (.pdb information)
into the compiled page. Because this creates a larger file that executes
more slowly, you should set this value to true only when debugging and to
false at all other times. For more information, refer to the documentation about
debugging ASP.NET files.
-->
<compilation defaultLanguage="c#" debug="true"><assemblies>< add assembly="CrystalDecisions .CrystalRe ports.Engi ne, Version=9.1.5000.0, Culture=neutral, PublicKeyToken=692fbea5521 e1304"/><a dd assembly="CrystalDecisions .ReportSou rce, Version=9.1.5000.0, Culture=neutral, PublicKeyToken=692fbea5521 e1304"/><a dd assembly="CrystalDecisions .Shared, Version=9.1.5000.0, Culture=neutral, PublicKeyToken=692fbea5521 e1304"/><a dd assembly="CrystalDecisions .Web, Version=9.1.5000.0, Culture=neutral, PublicKeyToken=692fbea5521 e1304"/></ assemblies ></compila tion>
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom error messages, "Off" to disable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users not running
on the local Web server. This setting is recommended for security purposes, so
that you do not display application detail information to remote clients.
-->
<customErrors mode="RemoteOnly"/>
<!-- AUTHENTICATION
This section sets the authentication policies of the application. Possible modes are "Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IIS performs authentication (Basic, Digest, or Integrated Windows) according to
its settings for the application. Anonymous access must be disabled in IIS.
"Forms" You provide a custom form (Web page) for users to enter their credentials, and then
you authenticate them in your application. A user credential token is stored in a cookie.
"Passport" Authentication is performed via a centralized authentication service provided
by Microsoft that offers a single logon and core profile services for member sites.
-->
<authentication mode="Windows"/>
<!-- AUTHORIZATION
This section sets the authorization policies of the application. You can allow or deny access
to application resources by user or role. Wildcards: "*" mean everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<allow users="*"/> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every page within an application.
Set trace enabled="true" to enable application trace logging. If pageOutput="true", the
trace information will be displayed at the bottom of each page. Otherwise, you can view the
application trace log by browsing the "trace.axd" page from your web application
root.
-->
<trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true"/>
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests belong to a particular session.
If cookies are not available, a session can be tracked by adding a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState mode="InProc" stateConnectionString="tcp ip=127.0.0 .1:42424" sqlConnectionString="data source=127.0.0.1;Trusted_C onnection= yes" cookieless="false" timeout="20"/>
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization requestEncoding="utf-8" responseEncoding="utf-8"/>
<!-- Impersonation is the act of ASP.NET executing code in the context of an authenticated client (Windows account).
If you want you can specify a particular account Windows account to be used instead of the ASPNET Windows
account. You can do it like this:
<identity impersonate="true" userName="WindowsDomain\Yo urUserName " password="YourPassword" />
-->
<identity impersonate="true" />
</system.web>
</configuration>
This is how the web.config file would look like. you can opt for any of the two ways to implement identity impersonation.
i hope this would help you....
<configuration>
<system.web>
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to enable ASPX debugging. Otherwise, setting this value to
false will improve runtime performance of this application.
Set compilation debug="true" to insert debugging symbols (.pdb information)
into the compiled page. Because this creates a larger file that executes
more slowly, you should set this value to true only when debugging and to
false at all other times. For more information, refer to the documentation about
debugging ASP.NET files.
-->
<compilation defaultLanguage="c#" debug="true"><assemblies><
<!-- CUSTOM ERROR MESSAGES
Set customErrors mode="On" or "RemoteOnly" to enable custom error messages, "Off" to disable.
Add <error> tags for each of the errors you want to handle.
"On" Always display custom (friendly) messages.
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users not running
on the local Web server. This setting is recommended for security purposes, so
that you do not display application detail information to remote clients.
-->
<customErrors mode="RemoteOnly"/>
<!-- AUTHENTICATION
This section sets the authentication policies of the application. Possible modes are "Windows",
"Forms", "Passport" and "None"
"None" No authentication is performed.
"Windows" IIS performs authentication (Basic, Digest, or Integrated Windows) according to
its settings for the application. Anonymous access must be disabled in IIS.
"Forms" You provide a custom form (Web page) for users to enter their credentials, and then
you authenticate them in your application. A user credential token is stored in a cookie.
"Passport" Authentication is performed via a centralized authentication service provided
by Microsoft that offers a single logon and core profile services for member sites.
-->
<authentication mode="Windows"/>
<!-- AUTHORIZATION
This section sets the authorization policies of the application. You can allow or deny access
to application resources by user or role. Wildcards: "*" mean everyone, "?" means anonymous
(unauthenticated) users.
-->
<authorization>
<allow users="*"/> <!-- Allow all users -->
<!-- <allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every page within an application.
Set trace enabled="true" to enable application trace logging. If pageOutput="true", the
trace information will be displayed at the bottom of each page. Otherwise, you can view the
application trace log by browsing the "trace.axd" page from your web application
root.
-->
<trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true"/>
<!-- SESSION STATE SETTINGS
By default ASP.NET uses cookies to identify which requests belong to a particular session.
If cookies are not available, a session can be tracked by adding a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState mode="InProc" stateConnectionString="tcp
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization requestEncoding="utf-8" responseEncoding="utf-8"/>
<!-- Impersonation is the act of ASP.NET executing code in the context of an authenticated client (Windows account).
If you want you can specify a particular account Windows account to be used instead of the ASPNET Windows
account. You can do it like this:
<identity impersonate="true" userName="WindowsDomain\Yo
-->
<identity impersonate="true" />
</system.web>
</configuration>
This is how the web.config file would look like. you can opt for any of the two ways to implement identity impersonation.
i hope this would help you....
ASKER
Still I am getting promted to Enter the Username & Password :(
ASKER
I have created the web.config as presented above. and I have entered a valid UserName & Password where specified.
and I have created an aspx page with the following code :
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Security .Principal " %>
<%
Dim _user as string = Page.User.Identity.Name
Dim _window as string = System.Security.Principal. WindowsIde ntity.GetC urrent().N ame
Dim _thread as string = System.Threading.Thread.Cu rrentPrinc ipal.Ident ity.Name
Dim url as string
Session("mySession") = Page.User.Identity.Name
Response.Write (Session("mySession"))
%>
The anonymous check box is cleared from the IIS.
Expected result is when I request the aspx page , not to get promted with a Username & Password. It should get them from the web.config file.
But still I am getting promted to Enter a Username & Password.
Please help ...... I Feel that I am too close now of the solution, I just need one last push.
and I have created an aspx page with the following code :
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Security
<%
Dim _user as string = Page.User.Identity.Name
Dim _window as string = System.Security.Principal.
Dim _thread as string = System.Threading.Thread.Cu
Dim url as string
Session("mySession") = Page.User.Identity.Name
Response.Write (Session("mySession"))
%>
The anonymous check box is cleared from the IIS.
Expected result is when I request the aspx page , not to get promted with a Username & Password. It should get them from the web.config file.
But still I am getting promted to Enter a Username & Password.
Please help ...... I Feel that I am too close now of the solution, I just need one last push.
ASKER
I have turned ON the anonymous from the IIS.
Now it is working but , it is giving me the Username of the User I have entered in the web.config .
I need to get the Username of the current Logon user.
Help me
Now it is working but , it is giving me the Username of the User I have entered in the web.config .
I need to get the Username of the current Logon user.
Help me
remove the username and password and change to this:
<system.web>
<identity impersonate="true" />
</system.web>
IF the user connecting to the server has been authenticated on the domain already, this will work. If not, it will prompt for a username and password.
<system.web>
<identity impersonate="true" />
</system.web>
IF the user connecting to the server has been authenticated on the domain already, this will work. If not, it will prompt for a username and password.
ASKER
I think its going to work , thank you Nightman for your help.
One last Question , can I transfer the Session Variable created in aspx page and use it in Asp classic page ?
I tried to Response.write [ the created session which I created in aspx page ] in my classic asp Page , but it was empty.
how to transfer session as a session
One last Question , can I transfer the Session Variable created in aspx page and use it in Asp classic page ?
I tried to Response.write [ the created session which I created in aspx page ] in my classic asp Page , but it was empty.
how to transfer session as a session
I have never tried it, but I doubt it, as the Session object is different in .NET. Perhaps if you post that as a different question one of the other Experts may be able to assist.
add this to the config file:
<system.web>
<identity impersonate="true" />
</system.web>
This will ensure that all authenticated clients connect with their user name, and you should not be prompted for a username and password again.
Have a look at:
http://www.aspdev.org/articles/web.config/
http://aspnet.4guysfromrolla.com/articles/031204-1.aspx