Asp.net Core Web API - Current user & Windows Authentication

On Windows Server 2012 R2/IIS 8.0, even after setting forwardWindowsAuthToken=true in web.config, User.Identity.Name was not returning the user name but IIS APPPOOL, so to resolve the issue I made the change below:

  1. Go to the web application in IIS
  2. Open Configuration Editor
  3. Change Section to system.webServer/serverRuntime
  4. Change authenticatedUserOverride to UseAuthenticatedUser (for me it was set to UseWorkerProcessUser)

For further details, refer to the link below: https://blogs.iis.net/jaroslad/what-does-the-authenticateduseroverrideuser-do


I looked around and it was suggested to create an Asp.Net Core WebApi application using Windows Authentication.

So when I created an Asp.Net Core WebApi using Windows Authentication, it worked and I got values in the User.Identity object.

So I created 2 applications, i.e. one with Windows Authentication and one without, and then compared all files and found changes in the following files:

  • forwardWindowsAuthToken - true; this was tried before but the issue was not solved, and the same was suggested by Daboul
  • launchSettings.json: set windowsAuthentication: true & anonymousAuthentication: false

After doing this, I was able to get values in the User.Identity object.


The launchSettings.json file:

{
  "iisSettings": {
    "windowsAuthentication": true,
    "anonymousAuthentication": false
  }
}

The Web.Config:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.webServer>
    <handlers>
      <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
    </handlers>
    <aspNetCore forwardWindowsAuthToken="true" processPath="C:\Program Files\dotnet\dotnet.exe" arguments=".\YourWebsite.dll" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" />
    <security>
      <authentication>
        <windowsAuthentication enabled="true" />
        <anonymousAuthentication enabled="false" />
      </authentication>
    </security>
  </system.webServer>
</configuration>

Do you have the forwardWindowsAuthToken set to true in the web.config?

<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="true"/>
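
As an added example (not from any of the answers above): a small Python check that reads a web.config and a launchSettings.json and lists where they differ from the settings the answers give. The function names and the sample configuration are constructed for illustration; a finding only means the value is not set explicitly as in the answers, and values inherited from applicationHost.config are not visible to this check.

```python
import json
import xml.etree.ElementTree as ET

def _child(parent, tag):
    """First direct child element named tag, or None (also for a None parent)."""
    kids = [] if parent is None else list(parent)
    return next((c for c in kids if c.tag == tag), None)

def _attr_is(elem, name, wanted):
    """True only if elem exists and its attribute equals wanted (case-insensitive)."""
    return elem is not None and elem.get(name, "").strip().lower() == wanted.lower()

def audit_web_config(xml_text):
    """List where a web.config differs from the settings given in the answers."""
    ws = _child(ET.fromstring(xml_text), "system.webServer")
    auth = _child(_child(ws, "security"), "authentication")
    findings = []
    if not _attr_is(_child(ws, "aspNetCore"), "forwardWindowsAuthToken", "true"):
        findings.append("forwardWindowsAuthToken is not set to true")
    if not _attr_is(_child(auth, "windowsAuthentication"), "enabled", "true"):
        findings.append("windowsAuthentication is not enabled")
    if not _attr_is(_child(auth, "anonymousAuthentication"), "enabled", "false"):
        findings.append("anonymousAuthentication is not disabled")
    runtime = _child(ws, "serverRuntime")
    override = runtime.get("authenticatedUserOverride") if runtime is not None else None
    if override is not None and override != "UseAuthenticatedUser":
        findings.append("authenticatedUserOverride is " + override)
    return findings

def audit_launch_settings(json_text):
    """Same check for the iisSettings block of launchSettings.json."""
    iis = json.loads(json_text).get("iisSettings", {})
    findings = []
    if iis.get("windowsAuthentication") is not True:
        findings.append("launchSettings windowsAuthentication is not true")
    if iis.get("anonymousAuthentication") is not False:
        findings.append("launchSettings anonymousAuthentication is not false")
    return findings

# Constructed sample: the worker-process override and anonymous access left on.
SAMPLE_BAD = """<configuration><system.webServer>
  <aspNetCore processPath="dotnet" arguments=".\\YourWebsite.dll" />
  <serverRuntime authenticatedUserOverride="UseWorkerProcessUser" />
  <security><authentication>
    <windowsAuthentication enabled="true" /><anonymousAuthentication enabled="true" />
  </authentication></security></system.webServer></configuration>"""

if __name__ == "__main__":
    for line in audit_web_config(SAMPLE_BAD):
        print(line)
```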