How to get the current Windows user with ASP.NET Core RC2 MVC6 and IIS7

Kyle picture Kyle · Jul 6, 2016 · Viewed 27k times · Source

I have an intranet site built in MVC6 using ASP.NET Core RC2. I want to get the Windows username of the person accessing the intranet site.

So if Jim goes to the intranet site I want the site to receive "Domain\Jim", while if Anne goes to the intranet site I want the site to receive "Domain\Anne".

Only Windows Authentication is enabled on my IIS server, Anonymous Authentication is disabled.

My site is set to use Windows authentication and to disable anonymous authentication.

<system.web>
    <authentication mode="Windows" />
    <authorization>
        <deny users="?"/>
    </authorization>
</system.web>

Through Debug I can use System.Security.Principal.WindowsIdentity.GetCurrent().Name, but that of course returns "IIS APPPOOL\SiteName" on the IIS server.

I found many examples from older version of ASP.NET using HttpContext, and I tried injecting that into my controller with the following but userName ends up null.

//Startup.cs
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

//HomeController.cs
public HomeController(IHttpContextAccessor _accessor)
{
    string userName = _accessor.HttpContext.User.Identity.Name;
}

What is the correct way to pass the Windows username to an intranet site in ASP.NET Core RC2 MVC6?

Answer

Jabez picture Jabez · Feb 16, 2019

Might help someone who are still looking for. Per documentation from MS https://docs.microsoft.com/en-us/aspnet/core/fundamentals/http-context?view=aspnetcore-2.2 , add the HttpContextAccessor in ConfigureServices method (startup.cs) Pass this httpcontextaccessor into the controller and access the logged in user.

I followed this and I was able to get the logged in Windows Authenticated user even after deploying the core website to IIS.

Here are the code snippets

In Startup.cs (under ConfigureServices method) add the line

services.AddHttpContextAccessor();

Then in your controller file, add following piece of necessary code lines. The code below is a sample.

public class YourController : Controller
{
  private readonly IHttpContextAccessor _httpContextAccessor;
  private readonly string _user;
  public YourController(IHttpContextAccessor httpContextAccessor)
  {
    _httpContextAccessor = httpContextAccessor;
    _user = _httpContextAccessor.HttpContext.User.Identity.Name;
  }
}