I'm playing with ASP.NET that has part of the code that suppose to return the logged-in user:
Request.ServerVariables["AUTH_USER"]
but it returns nothing.
At the same time,
Request.ServerVariables["HTTP_HOST"]
Request.ServerVariables["AUTH_PASSWORD"]
Return the proper host name and password, respectively.
In C#:
HttpContext.Current.Request.ServerVariables["AUTH_USER"]
also fails to show the username.
Meanwhile, using classic ASP code returns the user name properly.
I'm not an expert in ASP.NET, therefore my question is: Is it something to do with the server, or with the code itself?
It's to do with the authentication model you have turned on in .NET and also the authentication selections in your local/server IIS environment.
If you enable Integrated Windows Authentication in IIS and have System.Web authentication mode="Forms" in your web.config file, you will find that different server variables are populated.
So to answer your question, it's a little of both.
And for anyone on modern IIS: