Pass user identity from UI to data layer

In order to perform auditing on a SQL 2008开发者_高级运维 database for updates / insert / delete, I was accessing

HttpContext.Current.User

in the datalayer to pass to a stored proc which would set the CONTEXT_INFO for auditing triggers.

These is probably wrong because if I wanted to put another UI (i.e. WinForms) the HttpContext wouldn't apply, however I don't want to add a username parameter to my BLL methods or add a constructor as all these methods are static. What is the best way to access a user identity in the DAL?

---

You should use the static Thread.CurrentPrincipal property. Notice however that this property might not be equal to HttpContext.Current.User depending on your web application's impersonation settings.

A good solution might be to first check whether HttpContext.Current is not null. If it isn't then read the user from there, and otherwise fallback to reading Thread.CurrentPrincipal.