0

I don't know how in what moment my httpcontex.current.intentity.name is replaced by windows authentication user.

Running my MVC application localhost is taking my login form user. But in IIS is taking my Windows Authentication user.

I have enable windows authentication in IIS.

Why?

ADyson
  • 57,178
  • 14
  • 51
  • 63
David Lerma Developer
  • 133
  • 1
  • 3
  • 12
  • Because it is simply wrong to query user identity that way. Use `Controller.User` please. – Lex Li Apr 19 '18 at 22:01
  • Possible duplicate of [What's the difference between HttpContext.Current.User and Thread.CurrentPrincipal in asp.net?](https://stackoverflow.com/questions/1843271/whats-the-difference-between-httpcontext-current-user-and-thread-currentprincip) – Lex Li Apr 20 '18 at 00:12

1 Answers1

0

"But in IIS is taking my Windows Authentication user.

I have enable windows authentication in IIS."

It sounds like you've answered your own question really, but for clarity: - if you're using Forms Authentication then you don't need Windows Authentication on top. If you enable this in IIS, the user identity of the Windows user gets passed on from IIS to your application.

I think if you turn off Windows Authentication in IIS and enable Anonymous Authentication instead, then your application will wait until a user logs in via your login form before it tries to identify them.

ADyson
  • 57,178
  • 14
  • 51
  • 63