How does HttpContext Current User Identity Name know which usernames exist

Question

This is not necessarily an issue  I am just curious as to how it works  I have a method   public static bool UserIsAuthenticated         bool isAuthed   false      try               if  HttpContext Current User Identity Name    null                        if  HttpContext Current User Identity Name Length    0                                FormsIdentity id    FormsIdentity HttpContext Current User Identity                  FormsAuthenticationTicket ticket   id Ticket                  isAuthed   true                  string MyUserData   ticket UserData                                    catch        not authed     return isAuthed      The HttpContext Current User Identity Name returns null if the user does not exist  but how does it know which usernames exist or do not exist

User · Answer

How does  HttpContext Current User  know which usernames exist or do   not exist    Let s look at an example of one way this works   Suppose you are using Forms Authentication and the  OnAuthenticate  event fires  This event occurs  when the application authenticates the current request    Reference Source    Up until this point  the application has no idea who you are   Since you are using Forms Authentication  it first checks by parsing the authentication cookie  usually  ASPAUTH  via a call to ExtractTicketFromCookie  This calls FormsAuthentication Decrypt  This method is public  you can call this yourself     Next  it calls Context SetPrincipalNoDemand  turning the cookie into a user and stuffing it into Context User  Reference Source

User · Answer

The HttpContext Current User Identity Name returns null   This depends on whether the authentication mode is set to Forms or Windows in your web config file   For example  if I write the authentication like this    lt authentication mode  Forms   gt    Then because the authentication mode  Forms   I will get null for the username  But if I change the authentication mode to Windows like this    lt authentication mode  Windows   gt    I can run the application again and check for the username  and I will get the username successfully   For more information  see System Web HttpContext Current User Identity Name Vs System Environment UserName in ASP NET

User · Answer

Assume a network environment where a  user   aka you  has to logon  Usually this is a User ID  UID  and a Password  PW   OK then  what is your Identity  or who are you  You are the UID  and this gleans that  name  from your logon session  Simple  It should also work in an internet application that needs you to login  like Best Buy and others   This will pull my UID  or  Name   from my session when I open the default page of the web application I need to use  Now  in my instance  I am part of a Domain  so I can use initial Windows authentication  and it needs to verify who I am  thus the 2nd part of the code  As for Forms Authentication  it would rely on the ticket  aka cookie most likely  sent to your workstation computer  And the code would look like   string id   HttpContext Current User Identity Name      Strip the domain off of the result id   id Substring id LastIndexOf       StringComparison InvariantCulture    1     Now it has my business name  aka UID  and can display it on the screen

User · Answer

Also check that   lt modules gt         lt remove name  FormsAuthentication   gt   lt  modules gt    If you found anything like this just remove    lt remove name  FormsAuthentication   gt    Line from web config and here you go it will work fine I have tested it

User · Answer

For windows authentication  select your project   Press F4  Disable  Anonymous Authentication  and enable  Windows Authentication

[c#] How does HttpContext.Current.User.Identity.Name know which usernames exist?

Examples related to c#

Examples related to asp.net

Examples related to httpcontext