Get windows login name without Windows Authentication

Question

I am trying to get the windows Logon username from my asp.net application. Here is my code

string user_name = Request.ServerVariables.Get("LOGON_USER");

this is works fine on my local environment but when I upload the same code on the IIS it gives me blank, even I have tried to get logon username by

HttpContext.Current.User.Identity.Name

but it gives me blank. Once I enable IIS authentication to Windows authentication and disable Antonyms Authentication it is working fine. Can anyone please guide me how I will get this. Please correct me if I am using any wrong approch.

Thanks in advance.

Edit: I don't want to set Windows Authentication, so, Will it be possible in ASP.NET page level authentication by setting in Web.Config

<allow user="*"/> or <deny user="?"/>

Please correct if I am wrong.

Answer 1

In order to get username, you need to use something besides anonymous authentication.

Using Anonymous authentication, you cannot get the username of a local user. Even if this were possible, it would not be practical with a public facing site b/c you could have multiple computers with the same local username.

Also, since you mentioned that this is an external facing site outside of a corporate domain, then Windows Authentication is not an option. Windows Authentication is mainly used for internal intranet applications.

What you likely are looking for if you want to uniquely ID each user, and have is Forms authentication, which ASP.NET supports and provides an out of the box controls for allowing users to register and create accounts for your website. Check out this link http://msdn.microsoft.com/en-us/library/7t6b43z4.aspx

To answer: "Will it be possible in ASP.NET page level authentication by setting in Web.Config?" Setting the authorization rules of <allow user="*"/> or <deny user="?"/> in web.config controls the authorization for a given user (whether or not a given user can get to a page in this case) AFTER the user has been authenticated, but does not have an impact on the authentication method or the membership provider used. So this web.config setting will not allow you to get a username using anonymous authentication.