1. 技术文章
  2. ASP.NET MVC Windows Authentiaction and DirectoryServices - Get Mail Address of the current user throws an InvalidCastException

ASP.NET MVC Windows Authentiaction and DirectoryServices - Get Mail Address of the current user throws an InvalidCastException

 ̄綄美尐妖づ 提交于 2020-01-01 11:55:16

问题


I am using ASP.NET MVC 4 and Windows Authentication. When I am using VisualStudio everything works fine, but when I deploy my site an exception is thrown.

var emailAddress = UserPrincipal.Current.EmailAddress;

throws:

Unable to cast object of type 'System.DirectoryServices.AccountManagement.GroupPrincipal' to type 'System.DirectoryServices.AccountManagement.UserPrincipal'.

The rest works fine. Users can authenticate and I can get the users name etc.

EDIT:

I enabled Impersonation on IIS. Now I get the following exception:

[DirectoryServicesCOMException (0x80072020): An operations error occurred. ] System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +781 System.DirectoryServices.DirectoryEntry.Bind() +44 System.DirectoryServices.DirectoryEntry.get_AdsObject() +42 System.DirectoryServices.PropertyValueCollection.PopulateList() +29
System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName) +119
System.DirectoryServices.PropertyCollection.get_Item(String propertyName) +163
System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer() +535649 System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit() +51 System.DirectoryServices.AccountManagement.PrincipalContext.Initialize() +141 System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx() +42 System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate) +27
System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithType(PrincipalContext context, Type principalType, IdentityType identityType, String identityValue) +146
System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, IdentityType identityType, String identityValue) +44
System.DirectoryServices.AccountManagement.UserPrincipal.get_Current() +390 Jericho.MVC.HtmlHelperExtensions.GetUser(HtmlHelper htmlHelper) in C:\Development\Jericho\Jericho.MVC\HtmlHelperExtensions.cs:48

What can I do?


回答1:


Set the IIS Application Pool Identity to NetworkService and use:

var identityName = HttpContext.Current.User.Identity.Name;
using (HostingEnvironment.Impersonate())
{
    using (var context = new PrincipalContext(ContextType.Domain, "yourDomain", null, ContextOptions.Negotiate | ContextOptions.SecureSocketLayer))
    using (var userPrincipal = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, identityName))
    {
        emailAddress = userPrincipal.EmailAddress;
        lastname = userPrincipal.Surname;
        firstname = userPrincipal.GivenName;
    }
}


来源:https://stackoverflow.com/questions/10846909/asp-net-mvc-windows-authentiaction-and-directoryservices-get-mail-address-of-t

标签
c#
asp.net-mvc
windows-authentication
directoryservices
userprincipal
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!