ASP.NET Core Identity — get current user

To get the currently logged in user in MVC5, all we had to do was:

Now, with ASP.NET Core I thought this should work, but it throws an error.

EDIT: Gerardo’s response is on track but to get the actual «Id» of the user, this seems to work:

7 Answers 7

Assuming your code is inside an MVC controller:

From the Controller base class, you can get the IClaimsPrincipal from the User property

You can check the claims directly (without a round trip to the database):

Other fields can be fetched from the database’s User entity:

Get the user manager using dependency injection

If you are using Bearing Token Auth, the above samples do not return an Application User.

Instead, use this:

This works in apsnetcore 2.0. Have not tried in earlier versions.

For context, I created a project using the ASP.NET Core 2 Web Application template. Then, select the Web Application (MVC) then hit the Change Authentication button and select Individual User accounts.

There is a lot of infrastructure built up for you from this template. Find the ManageController in the Controllers folder.

This ManageController class constructor requires this UserManager variable to populated:

Then, take a look at the the [HttpPost] Index method in this class. They get the current user in this fashion:

As a bonus note, this is where you want to update any custom fields to the user Profile you’ve added to the AspNetUsers table. Add the fields to the view, then submit those values to the IndexViewModel which is then submitted to this Post method. I added this code after the default logic to set the email address and phone number:

Use Windows Authentication to get User ID with .Net Identity for Role Management

We have an Intranet site we are developing in ASP.NET 5 aka vNext and MVC 6.

We’d like to be able to get the Windows Network ID the user is logged in as, but then there is an existing database defining roles, etc. we were going to leverage and have already done so. Really all I want to do is get the Windows user ID while using ASP.NET Identity to manage roles the user has access to. Any suggestions how to accomplish this?

Essentially in Startup.cs I have something like below in Configure Services:

Next in Configure I have: app.UseIdentity();

Windows Authentication is on at the project properties level and so is Anonymous. I see no way to actually get the Windows User ID.

2 Answers 2

Warning: this is code for ASP.NET 4.5 not 5.

Put this is your web.config:

This way you must have an Windows Network User Id. Which a user always has in an intranet application. Then just use:

Just as before. Like this:

Once again this is code for a .NEET 4.5 and NOT a .NET 5 Application. The C# code should be identical but there is no web.config in .NET 5 so you have to put your config in via Startup.cs.

From what you are asking this seems like what you need, if any further explanation is required let me know.

So I am still hoping someone comes up with a better answer because my goal is still to use and leverage .Net Identity for authorization after authenticating the user with their Windows User ID. But for now, I am going to enable Windows Authentication and use the solution for customizing Authorization options provided by Rick in this thread: How do you create a custom AuthorizeAttribute in ASP.NET Core?

So I will be doing the following, for each role creating a class as follows:

Then in Startup.cs in configure services I will add:

Finally I should be able to use:

Instead of doing the above, what I’d like to do in Startup.cs is add this line:

Then I could just use what is already provided with .Net Identity without writing my own code for each role. I’d have to employ my own caching so I wouldn’t need to go back to the database each time I wanted to check if the user had permissions. There has to be a better way.

How to get at the current users windows identity?

The site is running on my local IIS 6.1. I Would like to add some features to pull information from our Active Directory (AD). My AD code works on many other projects and on my development server. Here are my attempts at writing out the username:

The results I get are:

1. NT AUTHORITY\IUSR
2. administrator
3. NT AUTHORITY\NETWORK SERVICE

How can I get at the actual windows username like ourdomain/username

5 Answers 5

This snippet shows how LogonUserIdentity is set (using reflector)

As you can see this has been changed for IIS 7. I believe you are using Windows Authentication + Impersonation so I would go with the last one ( WindowsIdentity.GetCurrent() ) which I am sure is the identity request being run with.

There are two different windows user here — first one is your application user and second is user (or windows account) under which your ASP.NET application (application pool from IIS perspective) is running. WindowsIdentity.GetCurrent will typically return this reference.

To getting actual windows user that using the application, you must enforce authentication. To do that, you can enable integrated authentication (windows authentication) in IIS for the said web site. Also modify your ASP.NET configuration to use windows authentication. Now you can use HttpContext.Current.User.Identity to get the actual user.

HttpContext.Current.User.Identity may be of use to you here.

Likewise System.Threading.Thread.CurrentPrincipal could help.

But the case might be that you actually have to set an identity instance as the user logs in (though not necessarily implement IPrincipal and the surrounding mechanisms, rather using the built-in WindowsIdentity implementation).

I’m not 100% percent on this, Windows Authentication might set this automatically for you to simply retrieve.

Also, check out this link from MSDN which describes basic user operations,

How to get user name using Windows authentication in asp.net?

I want to get user name using Windows authentication

Actually I implemented «Sign in as different user»,when click this button Windows security will appear there we can give credentials.

In that time if I give some other credential it is taking current user name only. How to get that given credential user name from windows security?

Host application in IIS then anonymous authentication has disabled and windows authentication was enabled.

web.config:

.cs

Here I am getting the default User name always

Any ideas? Thanks in advance

7 Answers 7

You can get the user’s WindowsIdentity object under Windows Authentication by:

and then you can get the information about the user like identity.Name.

Please note you need to have HttpContext for these code.

These are the different variables you have access to and their values, depending on the IIS configuration.

Scenario 1: Anonymous Authentication in IIS with impersonation off.

Scenario 2: Windows Authentication in IIS, impersonation off.

Scenario 3: Anonymous Authentication in IIS, impersonation on

Scenario 4: Windows Authentication in IIS, impersonation on

Legend
SERVER1\ASPNET : Identity of the running process on server.
SERVER1\IUSR_SERVER1 : Anonymous guest user defined in IIS.
MYDOMAIN\USER1 : The user of the remote client.

How to get Windows user in asp.net webApp on IIS7+

I have an asp.net 4.5 web forms web app deployed on a remote IIS7+ server and I want to get the domain\username of the user to populate a database column.

My web.config has the following:

Here are some of the things I have tried:

Other things to note:

Windows authentication is enabled on the server for my web app.

I keep getting the server name instead of the username.

Also, there is no logon for my web app. Users are restricted access to the server but if they can access the server then they automatically have access to my web app.

[UPDATE]

Interesting breakthrough, if I do an inline

then myDomain\username is written to my page. However, if I do the same code server side it returns the Server Name. Why would it return something different?

I have tried the below code but it still returns the Server name, I’m guessing its because the inline runs client-side and the controls run server side.

then in codeBehind

1 Answer 1

To get the current userid name of an asp.net aspx page use

To get the actual person who’s logged in use any of these:

You’ll probably also need:

in your web.config file

[EDIT] This post shows what’s happening under the covers in IIS 7: How to get at the current users windows identity

This post will hopefully also give you an idea of what the results of your trial and error mean: How to get Windows user name when identity impersonate=»true» in asp.net?

You may also need the following in your web.config

[EDIT2] The behavior you are observing implies you are executing

On what you are calling «the server side» too early in IIS’s processing pipeline application lifecycle i.e. before authentication has taken place. The

is one of the last aspects of application life cycle. Take a look at Microsoft’s IIS7 life cycle documentation: http://msdn.microsoft.com/en-us/library/bb470252.aspx

1. Validate the request.
2. Perform URL mapping.
3. Raise the BeginRequest event.
4. Raise the AuthenticateRequest event.
5. Raise the PostAuthenticateRequest event.
6. Raise the AuthorizeRequest event.
7. Raise the PostAuthorizeRequest event. .

Its only after this that it will really be safe to do the processing you need to