What's the difference in an asp.NET environment with Windows Authentication and Identity Impersonation turned on, between HttpContext.Current.User.Principal and WindowsIdentity.GetCurrent()?
According to this forum on WindowsIdentity.GetCurrent().Name vs. User.Identity.Name:
User.Identity.Namerepresents the identity passed from IIS.WindowsIdentity.GetCurrent().Nameis the identity under which the thread is running.
Depending on your app's authentication settings in IIS, they will return different values:
<!-- language: lang-none --> <pre><code><b>| <a href="https://msdn.microsoft.com/en-us/library/xh507fc5.aspx">Anonymous</a> | <a href="https://msdn.microsoft.com/en-us/library/aa292114.aspx">Impersonate</a> | User.Identity.Name | WindowsIndentiy.GetCurrent() |</b> |-----------|-------------|--------------------|-------------------------------| | Yes | True | Empty String | IUSR_<<i>machineName</i>> | | Yes | False | Empty String | NT Authority\Network Service | | No | True | domain\user | domain\user | | No | False | domain\user | NT Authority\Network Service | </code></pre>Legend:
- Where domain\user will show up as:
- domain\user for Active Directory
- machineName\userName for local account
- Where NT Authority\Network Service will show up as:
- NT Authority\Network Service for Windows Server or ASP.NET
- machineName\ASPNET_WP for Windows XP