How to use current ASP.NET username in SqlParameter without code

Question

How to use current ASP.NET username in SqlParameter without code

How do I go to the current username without making it in the code, just using aspx server tags?

In encoding, I can just do this:

Label4.Text = User.Identity.Name.ToString()

But I'm trying to do it without code like this:

 <body> <form id="form1" runat="server"> <div> 1. <asp:Label ID="Label1" runat="server" Text="<% User.Identity.Name %>"/><br /> 2. <asp:Label ID="Label2" runat="server" Text="<%= User.Identity.Name %>"/><br /> 3. <asp:Label ID="Label3" runat="server" Text="<%# User.Identity.Name %>"/><br /> 4. <asp:Label ID="Label4" runat="server" Text="<%= Context.User.Identity.Name %>"/><br /> 5. <asp:Label ID="Label5" runat="server" Text='<%# User.Identity.Name %>' /><br /> 6. <span runat="server" ID="Span1"><%= User.Identity.Name %></span><br /> 7. <asp:LoginName ID="LoginName1" runat="server" /><br /> 8. <span><%# User.Identity.Name %></span><br /> 9. <span><%= User.Identity.Name %></span><br /> 10. <asp:Label ID="Label6" runat="server" Text='<%= User.Identity.Name %>' /><br /> </div> </form> </body>

I get the username displayed for lines 6, 7 and 9, but I really want to set the control property for this value, and not just display it on the screen.

Is it possible?

Reference Information. I whipped up a fast application by dragging and dropping controls on a page, and it turned out that I did this with only one line in the encoding of the pages (s). This line set the value of the hidden field for the current username at page load, so I could pass the value of this control as a parameter to sqlparameter. So I thought that since I was following this route (a lot of things in aspx may not be there), I should try to be in agreement. I usually don’t do it, but I wanted this time

+7

authentication asp.net

Keith Oct 15 '09 at 19:33

source share

11 answers

If you really want to pass the current username as a selection parameter to SqlDataSource, I would suggest making a quick user parameter (either as a code file in your web project, or in a separate assembly if you want):

 namespace CustomParameters { public class UserNameParameter : Parameter { public UserNameParameter() { } public UserNameParameter(string name) : base(name) { } protected override object Evaluate(HttpContext context, Control control) { return User.Identity.Name; } } }

and then on your page:

 <%@ Register TagPrefix="myNS" Namespace="CustomParameters" %> ... <myNS:UserNameParameter Name="UserName" />

+4

Peter Lillevold Oct 15 '09 at 20:31

source share

Do you really need this in shortcut server management? Or can you just use the span tags displayed by the server control?

 <span runat="server" ID="Label2"><%= User.Identity.Name %></span>

Update:
So, a new goal: get User.Identity.Name in the SqlParameter value without using code.

It will be hard. The base code of the bee-stings tags ( <% %> %% <% %> , etc.) does not start in the page life cycle until your request has already been completed. This means that you need to deal with the previous page life cycle event yourself, and usually it means there is something in the code. If you really want to get rid of the code, you can, of course, enable the server side of the script on your page:

 <%@ Page Lanuage="C#" %> <script runat="server" language="c#"> public void OnSelecting(object sender, SqlDataSourceSelectingEventArgs e) { e.Command.Parameters["@UserName"].Value = User.Identity.Name; } </scirpt> <html> <body> <asp:SqlDataSource runat="server" ID="MyDataSource" OnSelecting="OnSelecting" ...> <SelectParameters> <asp:Parameter Name="UserName" ... /> </SelectParameters> </asp:SqlDataSource> <asp:GridView runat="server" ID="ResultsGrid" DataSourceID="MyDataSource" .../> </body> </html>

It still writes the real code, but does not save everything in the markup. But I suspect this is the closest thing you can get here.

+2

Joel Coehoorn Oct 15 '09 at 19:43

source share

Will this do the trick?

 <asp:LoginName ID="LoginName1" runat="server" />

+1

Arjan einbu Oct 15 '09 at 19:35

source share

I'm not sure about that, but I think

 <asp:Label ID="Label1" runat="server" Text='<%# User.Identity.Name %>' />

Double quotes are not true for expressions defined in a property. Instead of using the above expression, you can also print the value in some html label just by writing your expression ie

 <span><%# User.Identity.Name %></span>

And make sure you authenticate the user enough.

+1

Myra Oct 15 '09 at 19:47

source share

Do not use a self-closing label.

 <asp:Label ID="UserNameLabel" runat="server" ><%= My.User.Name %></asp:Label>

+1

Alan Feb 25 '12 at 7:12

source share

 <asp:Label ID="Label1" runat="server" Text='<%= User.Identity.Name %>' />

The problem is double quotes. You often need to use single quotes

0

runxc1 Bret Ferrier Oct 15 '09 at 20:09

source share

One way is to set it in the code behind:

 Label1.Text = User.Identity.Name.ToString();

Another way would be to use an expression builder such as Ricardo Peres CodeExpressionBuilder to associate the control property with aspx markup:

 <asp:Label runat="server" Text="<%$ Code: User.Identity.Name.ToString() %> />

0

orip Oct 16 '09 at 5:55

source share

I suspect you forgot to call DataBind () in your form. Label3 or Label5 should work fine.

Add a call to form1.Databind () in your Page_Load (), and this should fix it.

0

Mike l Oct 16 '09 at 20:59

source share

Instead, you can use the profile parameter:

 <asp:ProfileParameter Name="SomeParameter" PropertyName="UserName" Type="String" />

0

user3491857 Apr 3 '14 at 2:02

source share

Some of the possible answers are above, but another possible option is to use Windows authentication on the web server and disable anonymous access. Windows users are automatically authenticated if the website is set up as a local intranet.

In your SQL connection, use: Integrated Security = True

The important part is adding the following to web.config:

 <system.web> <identity impersonate="true" /> </system.web>

Without impersonation in web.config, your database connections will be checked using the user defined in the application pool: IIS APPPOOL \ ASP.NET v4

Then, inside SQL, you can use the CURRENT_USER function to read the User, so there is no need to pass the current user through a stored procedure.

Tom

0

tommylux Apr 19 '17 at 14:50

source share

Arjan einbu · Accepted Answer · 2009-10-15T20:13:35+0000

In the comment you wrote:

In addition, if I could get any controls the value set for this username, I could then specify my sqlparameter control parameter, and that would attract me where I need to be too.

You can create a custom parameter type.

Start by creating this class in either App_Code or the ASP.NET management DLL:

 namespace ParameterDemo { public class LoginParameter : Parameter { public LoginParameter(string name) : base(name) {} protected override object Evaluate(HttpContext context, Control control) { //UPDATED as suggested in Joels comments below... //return HttpContext.Current.User.Identity.Name; return context.Current.User.Identity.Name; } } }

and register it on the page (immediately after the @Page directive)

 <%@ Register TagPrefix="put" Namespace="ParameterDemo" %>

(or optionally register it in web.config for use on all pages)

... and you can use it as follows:

 <asp:SqlDataSource ID="SqlDataSource1" runat="server" SelectCommand="SELECT * FROM MyTable WHERE SomeValue=@SomeParameter"> <SelectParameters> <put:loginParameter name="SomeParameter" /> </SelectParameters> </asp:ObjectDataSource>

If this is what you are looking for, you should consider editing the original question ...

How to use current ASP.NET username in SqlParameter without code

More articles: