Re: Difference between System.Web.HttpContext.Current.User.Identity.Name and System.Threading.Thread.CurrentPrincipal.Identity.Name

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 11/08/05

• Next message: Dominick Baier [DevelopMentor]: "Re: help on httpmodles"
• Previous message: Juan T. Llibre: "Re: How about giving www.aspnetfaq.com a test ride ?"
• In reply to: jeremy.rice_at_alkermes.com: "Re: Difference between System.Web.HttpContext.Current.User.Identity.Name and System.Threading.Thread.CurrentPrincipal.Identity.Name"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 08 Nov 2005 09:25:13 -0800

Hello jeremy.rice@alkermes.com,

the "normal" way is to do a Context.User.IsInRole.

But there is also the PrincipalPermission and PrincipalPermissionAttribute,
which is more common in WinForms/Console libraries - and they rely on Thread.CurrentPrincipal.

ASP.NET supports both styles.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> It's in the Page Load on an .ascx page. I have so far narrowed it down
> to this, because if I put the code onto the parent .aspx page it works
> fine. It's really weird. Any ideas on why this would be? It's gonna be
> such a pain to have to put this code onto every page. What's the point
> of Web User Controls if they aren't going to work? *Sigh*
>
> The only code in the gloabal.asax is to catch runtime errors in the
> Application Error Sub and send me an email.
>
> In the Web.config I'm impersonating with Windows Authentication.
>
> IIS is set to Windows Authentication, not Anonymous. The virtual
> directory is using its own Application Pool.
>
> And if System.Web.HttpContext.Current­.User.Identity.Name and
> System.Threading.Thread.Curren­tPrincipal.Identity.Name contain the
> same value by default (as I'm reading in the Microsoft documentation),
> why use one over the other?
>
> Thanks,
> Jeremy

---

• Next message: Dominick Baier [DevelopMentor]: "Re: help on httpmodles"
• Previous message: Juan T. Llibre: "Re: How about giving www.aspnetfaq.com a test ride ?"
• In reply to: jeremy.rice_at_alkermes.com: "Re: Difference between System.Web.HttpContext.Current.User.Identity.Name and System.Threading.Thread.CurrentPrincipal.Identity.Name"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Get UserGroup of Active Directory to control the security ... If you are using Windows authentication in ASP.NET, ... role-based security against the user's group membership using the ... Additionally, the allow and deny tags in web.config, which are used by the ... you can use the PrincipalPermission and ... (microsoft.public.dotnet.framework.aspnet.security) Re: Design Question ... But all role-based security information resides in AzMan store. ... services are configured as Windows authentication in IIS. ... > the declaration of the PrincipalPermission attribute and the call to ... (microsoft.public.dotnet.languages.csharp)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)