Summary of the question : In ASP.net, if you use credentials to invoke a web service, how can you retrieve the original user logged in to the web application calling the web service?
Explanation:
We have a web application, invoking a web service. Both are ASP.NET, currently 2.0.
The user logs in to the web application (Windows authentication), but to call the web service we use specific credentials:
proxy.PreAuthenticate = true;
proxy.Credentials = new System.Net.NetworkCredential(UserName, Password);
From the invoked web service, if we access the identity attribute of the webservice class ( WebService.User.Identity
) it gets the original user logged in , not these credentials.
However, when switching to Federation Authentication and .NET 4 in the web service, now WebService.User.Identity retrieves the special credentials.
Summing up, invoking the same web method with the same credentials, WebService.User.Identity returns:
.NET 2 + Windows authentication: original username of the logged in user
.NET 4 + Federation authentication: credentials used in the method call
How can I change it to get the original user logged in in .NET 4 with federation authentication?
EDIT: Some more information, in .NET 2 the server variables related to the user are:
And as I said, in .NET 4 the 3 server variables are the special user credentials.
Hi Can you give a try to below code to get the original logged in user:
string serverVariable = Request.ServerVariables["AUTH_USER"].ToString();
string[] authUser = serverVariable.Split('\\');
string strUserName = authuser[0];
string strDomain = authUser[1];
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.