1

Afternoon All,

I have a web site where i need to know who is inserting a record into my database table. I have a group of users which i have populated into an Active Directory (AD) group and in turn they are the only members able to access the site. (See web.config code and .vb code below)

'Config File

     <appSettings>
           <add key="dbConnection" value="Data Source=xxx;Initial Catalog=xxx;User ID=xxx;Password=xxx;"/>
           <add key="Users" value="Users_General_Access"/>
     </appSettings>

'Vb Code

    If User.IsInRole(ConfigurationManager.AppSettings("Users")) Then

    Else
        Response.Redirect("NotAuthorised.aspx")
    End If

I have a stored procedure that is used to insert data from my form fields into the database which work fine.

The problem that i have is that im not asking the user to log in as they are able to do so via the AD set up. However i need to caputre the username so i can populate this into my database table to state who has added that record.

Is there some VB code that i can use to obtain this information?

Many thanks in advance Betty.

Improve this question

3 Answers 3

Reset to default
6 
HttpContext.Current.User.Identity.Name

OR only User.Identity.Name as according to OP's code User is in the scope

will give you user name. use can access other information using

User.Identity

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

You don't need to specify HttpContext.Current.User, as User is already in scope. You only need to write User.Identity.Name
@RabNawaz - Many Thanks, i will be able to use this just fine.
3

You can get the Current User Name using your Application by: 

string loggedUser = HttpContext.Current.User.Identity.Name.ToString();

Once you have this, you can store in Database

Pass the loggedUser to the database

Improve this answer

Comments

0

As other have said, you can get the name of the logged-in user with User.Identity.Name.

You can also get rid of the code that checks for role membership if you add the proper tags in web.config. Checking membership in code is useful only if the name of the role is not known in advance and can't be stored in the web.config file, eg. when the roles come from a database.

You can specify the roles authorized to visit a specific page using the location tag:

<configuration>
 ....
 <location path="MySecurePage.aspx">    
      <system.web>    
           <authorization>    
                <allow roles="Administrators,MyGroup" />    
                <deny users="*"/>
           </authorization>    
      </system.web>    
 </location> 
</configuration>
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.