问题
What's the difference in an asp.NET environment with Windows Authentication and Identity Impersonation turned on, between HttpContext.Current.User.Principal and WindowsIdentity.GetCurrent()?
回答1:
According to this forum on WindowsIdentity.GetCurrent().Name vs. User.Identity.Name:
User.Identity.Namerepresents the identity passed from IIS.WindowsIdentity.GetCurrent().Nameis the identity under which the thread is running.
Depending on your app's authentication settings in IIS, they will return different values:
| Anonymous | Impersonate | User.Identity.Name | WindowsIndentiy.GetCurrent() |
|-----------|-------------|--------------------|-------------------------------|
| Yes | True | Empty String | IUSR_<machineName> |
| Yes | False | Empty String | NT Authority\Network Service |
| No | True | domain\user | domain\user |
| No | False | domain\user | NT Authority\Network Service |
Legend:
- Where domain\user will show up as:
- domain\user for Active Directory
- machineName\userName for local account
- Where NT Authority\Network Service will show up as:
- NT Authority\Network Service for Windows Server or ASP.NET
- machineName\ASPNET_WP for Windows XP
来源:https://stackoverflow.com/questions/5402249/httpcontext-current-user-principal-vs-windowsidentity-getcurrent