Is it possible to get the Windows logon name with site running asp.net forms authentication?_问答_开发者

Is it possible to get the Windows logon name with site running asp.net forms authentication?

开发者 https://www.devze.com 2022-12-15 13:49 出处：网络

I have 开发者_JAVA技巧a website with a large user base configured with asp.net 2.0 forms authentication.Before the user logs in via forms authentication is it possible to retrieve the windows login na

I have 开发者_JAVA技巧a website with a large user base configured with asp.net 2.0 forms authentication. Before the user logs in via forms authentication is it possible to retrieve the windows login name/user account name on the machine they are using?

Many thanks

It certainly is possible--by adding another web application to your system. Here's roughly how I have done it:

Your primary web app uses Forms authentication. On the forms login page, any user that is determined to be on the local LAN (check IP address), redirect them to another app that uses Windows authentication. In this second app, you can determine the user (assuming the browser is configured to send credentials automatically to the zone in which your app resides), then set a cookie which your first app can read, and redirect the user back to the original app.

This does work.

This would only be possible if you were using Windows Authentication in your web application and then only if the user had logged in.
The kind of information you are after is not sent as part of the web request (quite rightly) and is therefore unknown to the web server.

Unfortunately no - if the user has not logged on, they are browsing anonymously, and are therefore unknown to the server. There is no way to identify them.

Once they're logged on, if you're using impersonation use WindowsIdentity.GetCurrent().Name. However, for forms authentication there's no direct way to ask the browser for their Windows credentials as they may not even be running Windows!

Not BEFORE no (not from the server).

Depending on the type of Auth you use, though, and the way the site is configured, you CAN get them to log in with their windows details.

See Mixing Forms and Windows Security in ASP.NET on Microsoft's MSDN.

The main difference with @TheObjectGuy answer is that instead of using 2 websites, this does all in a single website by configuring IIS to use the Integrated Windows authentication just in a "single" page (WinLogin.aspx).