Existen diversos escenarios en los que nos es útil saber qué método de autenticación está utilizando nuestra aplicación web y con qué credenciales se está ejecutando nuestro código. Para poder determinarlo de forma rápida he desarrollado una página ASP.NET que hace estas comprobaciones y muestra el resultado en pantalla.
Este es el código de la página ASPX:
<%@ Page Language="C#" Debug="true" %>
<%@ Import Namespace="System.Threading" %>
<%@ Import Namespace="System.Security.Principal" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
public string AuthType, AuthPackage, WindowsID, HttpContextID, ThreadID;
private AuthTypeEnum _authType;
internal enum AuthTypeEnum
{
Anonymous,
Negotiate,
NTLM,
Other
}
protected void Page_Load(object sender, EventArgs e)
_authType = AuthTypeEnum.Other;
GetIdentities();
Response.Headers.Add("Connection", "Close");
private void GetIdentities()
AuthType = GetAuthType();
AuthPackage = GetAuthPackage();
WindowsID = GetWindowsID();
HttpContextID = GetHttpContextID();
ThreadID = GetThreadID();
private string GetAuthType()
if (Context.User.Identity.AuthenticationType != String.Empty)
_authType = AuthTypeEnum.Negotiate;
return Context.User.Identity.AuthenticationType;
else if (!Context.User.Identity.IsAuthenticated)
_authType = AuthTypeEnum.Anonymous;
return "Not Authenticated (Anonymous)";
else
return "-";
private string GetAuthPackage()
if (_authType != AuthTypeEnum.Anonymous &&
Context.Request.ServerVariables["HTTP_AUTHORIZATION"] != null)
string authHeader =
Context.Request.ServerVariables["HTTP_AUTHORIZATION"];
if (authHeader.StartsWith("Negotiate TlRMTVNTUA"))
return "Kerberos";
return "NTLM";
private string GetWindowsID()
if (WindowsIdentity.GetCurrent().Name != String.Empty)
return WindowsIdentity.GetCurrent().Name;
private string GetHttpContextID()
if (HttpContext.Current.User.Identity.Name != String.Empty)
return HttpContext.Current.User.Identity.Name;
private string GetThreadID()
if (Thread.CurrentPrincipal.Identity.Name != String.Empty)
return Thread.CurrentPrincipal.Identity.Name;
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title>ASP.NET Identity Test</title>
<style type="text/css">
.style_div
font-family: "Consolas";
font-size: 22px;
.left
font-weight: bold;
width: 300px;
.right
color: #FF0000;
</style>
</head>
<body>
<form id="form1" runat="server">
<div class="style_div">
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="left">
Authentication Type:
</td>
<td class="right">
<% Response.Write(AuthType); %>
</tr>
Authentication Package:
<% Response.Write(AuthPackage); %>
Windows Identity:
<% Response.Write(WindowsID); %>
HttpContext Identity:
<% Response.Write(HttpContextID); %>
Thread Identity:
<% Response.Write(ThreadID); %>
</table>
</div>
</form>
</body>
</html>
Espero que os sea de utilidad.
- Daniel Mossberg