开发者

Differences between Page.User.Identity vs Request.LogonUserIdentity

What are the differences (behind the scenes) between Page.User.Identity and Request.LogonUserIdentity? Not the differences in type, name, etc but the differences in how they're implemented behind the scenes (i.e. one calls windows xxx api and the other calls asp.net xxx api...开发者_C百科).


It depends on what mechanism you are using to authenticate users, and what settings you have for impersonation.

For example, under the VS development server, using Forms authentication, the standard SQL membership provider and the following code:

// m_LoggedIn is a Literal control on the page:
m_LoggedIn.Text = string.Format("<br />Page.User.Identity: {0} " + 
                                "<br />Request.LogonUserIdentity: {1}",
                                Page.User.Identity.Name, 
                                Request.LogonUserIdentity.Name);

I get the following output:

Page.User.Identity: zhaph

Request.LogonUserIdentity: [ComputerName]\Ben

The first line (Page.User.Identity) is the forms authentication account I've logged into the site with, the second line is the windows identity the request is running under - as I've not enabled impersonation, this is my windows logon as that's the account the web server is running under.

In terms of the API's, HttpRequest.LogonUserIdentity is calling into the WindowsIdentity class, which will always represent a Windows user account, while Page.User is creating a object which implements IPrinciple, which allows you to represent a user using a number of different backing stores - for example the SQL database structure supplied by the MembershipProvider.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜