Hi,
We are upgrading/porting our existing Sharepoint (works for 2007 and 2010) application on SharePoint 2013. As SharePoint 2013 supports SP2010 so it was easy for us to use all existing code in new SP2013 environment. During this exercise one blocking issue we faced is the change of SharePoint 2013 behavior in respect of window security user of server side code execution.
In SP2010/SP2007 the code runs under logged in user context and the API call “system.security.principal.windowsidentity.getcurrent().name” returns the logged in user. But in SharePoint 2013 this is not true instead it return either “Anonymous User” or “App pool user”.
- Anonymous User (i.e. IUSR): In case the web.config key “aspnet:AllowAnonymousImpersonation” is set to true.
- App-Pool user: In case the web.config key “aspnet:AllowAnonymousImpersonation” is set to false.
In our application we calls web-services those are executed under logged in user security context now the same code in SharePoint 2013 fails as web-service authentication fails. In SP2013 the web-service call is made in security context of either Anonymous user of app-pool user but our requirement is to use logged-in user to as authorized user to call those web services.
Please let us know how to get the SP2010 behavour here iin SP2013 environment or is their any other way to achieve this.
Also let me know if any more details required.
Thanks
Deepak Mehta
Winshuttle India Pvt Ltd.