User name in asp.net

I tryed this ways:

Request.ServerVariables["LOGON_USER"]

or

HttpContext.Current.User.Identity.Name 

or

User.Identity.Name

-- If i run it by F5 from VS2010, it runs OK.

-- If i run it on IIS (I tryed it on 5.1 and 6.0, other IIS i can't use) there are empty strings.

In web.config i have:

<authentication mode="Windows"/>
<authorization>
  <allow users="*"/>
</authorization>

so, all users should by autentificated.

Maybe, there should be more things in web.config.

I tryed 开发者_StackOverflowit in IE, Firefox, and Chrome.

I post this question before, but there was some misleading information, so i post it again.

---

so, all users should by autentificated.

Exactly. All users include anonimous.

---

Any web browser will attempt an anonymous request at first, if it's successful it won't try to authenticate. So you want to deny anonymous requests:

<authentication mode="Windows" />
<authorization>
  <deny users="?" />
  <allow users="*" />
</authorization>

Note that the order of items in the authorization element is important - they're like any access rules in that they're processed from top to bottom.

In this case the ? is anonymous users and * is all users (including anonymous) but as the deny anonymous user statement comes first - they will be denied and never get to see the allow statement which allows everyone else.

Also, if this is an ASP.NET MVC 3 web application, there're some quirks to be heedy of - please correct me if I'm wrong as I don't recall all the details right now:

  <appSettings>
    <add key="autoFormsAuthentication" value="false" />
  </appSettings>  

The autoFormsAuthentication has to be disabled to enable Windows authentication in an MVC 3 web application - or it was anyway, it might have been fixed by now but as it took quite some time to figure it out, I'm including it here. The symptom when not disabling it is every authentication request is redirected to the account forms url (which you might not even have).