http://blogs.msdn.com/dansellers/archive/2006/08/24/720825.aspxThe ASP.NET User Principal (HTTPContext.User) clearly depends upon the Authentication Mechanism that you selected in IIS 6.0 "Authenication Tab" and if you use Integrated Windows Authentication then it is dependant on the IIS impersonation token thaten-USCommunityServer 2.1 SP1 (Build: 61025.2)