When using impersonation, ASP.Net applications can optionally execute with the identity of the client on whose behalf they are operating. The reason for doing this is to avoid dealing with authentication and authorization issues in the application code. Instead, you could just rely on Microsoft IIS web server to authenticate the user and either pass an authenticated token to the ASP.Net application or, pass an unauthenticated token.
Impersonation is disabled by default. To enable it, you can just simple change the code to the following on Web.Config file.
<identity impersonate="true" />
And either disable the IIS Anonymous access from IIS directory security settings or add the following code to Web.Config file.
<authorization>
<deny users="?" />
</authorization>
This is to force the application to get the authentication token from IIS web server. And after getting the authentication, you can get the user name by programmatically reading the identity of the impersonated user.
[C#]
string username = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
[Visual Basic]
Dim username as String = System.Security.Principal.WindowsIdentity.GetCurrent().Name