I created a site. It is an internal site. It is a .NET 4.0 site. I would like to grab the username using HttpContext.Current.User.Identity.Name of the person browsing the site. There isnt a login page since it is internal. I am not sure what I am missing. Do I need the following in my webconfig:

<authentication mode="Windows"></authentication>
<identity impersonate="true"/>
<authorization>
  <allow users="?"/>
</authorization>

and this:

  <system.webServer>
  <validation validateIntegratedModeConfiguration="false" />

It comes up blank when unauthenticated. You can verify this by also doing:

HttpContext.Current.User.Identity.IsAuthenticated

Check your authentication level in IIS, is it set to enable windows authentication there too?

In iis disable anonymous access and enable integrated windows security for you web application.

Yes, you do need, at least the

<authentication mode="Windows"></authentication>

part is required if you are using Integrated Windows Auth.

After that, you should be able to grab the username of the person logged in.

No, you don't need:

<validation validateIntegratedModeConfiguration="false" />

In IIS, go to Sites \ Default Website \ [Your Website].

Select Authentication option and disable Anonymous Authentication.

In my case removing <remove name="FormsAuthentication" /> line from web.config helps.

I also have <authentication mode="Forms" /> in <system.web> section.