Retrieve web user's Identity outside of request scope

Question

I have an ASP.NET app that logs Audit reports using nHibernate's IPreUpdateListener. In order to set the current user in the Listener events, I was using System.Security.Principal.WindowsIdentity.GetCurrent(). This works fine when debugging on my machine, but when I move it to the staging server, I'm getting the ASP.NET process credentials, not the requesting user.

In the ASP.NET page, I can use Request.LogonUserIdentity (which works fine since I'm using integrated authentication), but how do I reference this user directly without having to pass it directly to my event? I don't want to have to pass this info through the pipeline because it really doesn't belong in the intermediate events/calls.

Answer 1

If the code is executing in an ASP.NET context, HttpContext.Current (static) contains the current Http context. You can always test if it's null or not. If it's not null, you will be able to get HttpContext.Current.Request.

However, the identity that resides within this request context ultimately depends on how the web site (IIS, Cassini, IIS express, or custom) handles identity.