We have a service wrapper that multiple clients from different servers are calling, every server has multiple users, and in our wrapper we want to have information from our client request such as user domain name and IP address, I know that the IP address could be find through HttpContext.Current.Request.UserHostAddress but what about user logged on that client server?
For example, say “a.jakson” called wrapper from server “10.100.111.11”, how we can find in our wrapper server that this request made by “a.jakson”?
Wrapper is a simple API that is called by other clients and both of them are in the same domain.
In point of authentication,I’m using basic authentication through authorization header.
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
One way would be for your client(s) to send these additional details via request headers. I’m not sure what the client is written in so I’ll assume you have that taken care of (if not, please open a new question).
Let’s say you change the client so that it passes header “username” with value “a.jakson”. In the API you could have something as simple as:
var clientUsername = HttpContext.Current.Request.Headers["username"];
if (!string.IsNullOrWhitespace(clientUsername))
{
// do something with username
}
If you want to do this for every request the API receives, you should look into writing the above into a custom middleware.
Method 2
Thanks to @mason for his helpful comment,I decided to use Windows Authentication,the way that give me what i wanted,just set authentication method in webconfig as follows:
<system.web>
<identity impersonate="true"/>
<authentication mode="Windows">
</authentication>
<authorization>
<allow roles="axDomain Users" />
<deny users="?" />
</authorization>
</system.web>
it could be also configured by iis maneger as well:
Now we have access to Client user name in this way:
HttpContext.Current.User.Identity.Name
consider that client should be passing their credential while calling wrapper api
HttpWebRequest req = WebRequest.Create(Url) as HttpWebRequest;
req.UseDefaultCredentials = true;
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0