0

We are running a asp.net mvc application (client - this app is accessed through browser by user) which makes use of HttpClient class to make calls to asp.net web api application (server- I want to access the user information user. Person who invoked the client application). This is a intranet application. We are hosting asp.net web api as windows service. How can I get the user name in this scenario?

ApiController class has a property public IPrincipal User { get; }. I looked this property and this is what i got:

User.Identity.AuthenticationType = ""; User.Identity.IsAuthenticated = false; User.Identity.Name = ""

Is it possible to get some valid value from User.Identity with this kind of setup?

Improve this question
4
  • Kinda depends who your users are... Who will be connecting to the service? Or do you simply want the user name of the user that has logged into the PC where the service is running? Commented Jan 7, 2016 at 19:23
  • In which of these two applications are you doing this? How are you authenticating to that application? Commented Jan 7, 2016 at 19:25
  • @Grantly: I want the user name of the user, who invoked the client application (asp.net mvc app). The client application then makes call to asp.net web api service hosted as windows service. Commented Jan 7, 2016 at 19:36
  • @David: User is authenticated in asp.net mvc application. this application uses windows authentication & later this application using HttpClient class makes calls to asp.net web api application. I want the user name to be available @ asp.net web api side (server side ) without making use to HttpClient class to post that information. I dont know if i can achieve this. Commented Jan 7, 2016 at 19:39

1 Answer 1

Reset to default
0

It depends on which user you want, the user running the website service / app pool (E.G networkservice), or an authenticated user that logged into your website. Assuming you have the user logging in and auth set up in IIS, this might do to pass along the creds, which you could then extract in your API.

using (HttpClient httpClient = new HttpClient(new HttpClientHandler() { UseDefaultCredentials = true }))

Hard to say for sure without a whole bunch of details.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

I want the user credential who actually running the client application using the browser & not the identity of service account or app-pool. Are you suggesting when i initialize HttpClientHandler, i should do it this way using (HttpClient httpClient = new HttpClient(new HttpClientHandler() { UseDefaultCredentials = true })) using UseDefaultCredentials = true will do the trick?
Is the user logging in to the web site? Or is integrated auth enabled?
I see your comment above - if the user is authed with windows auth, this code might work for you. It works for me on my little site to pass creds, but our web api is also hosted by IIS. It's not a separate service (and we use integrated auth, not logins). But I'm logged in as "nikki" and it passes "nikki" to the web api in order to log things. Give it a shot for your service, see what happens.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.