Unwanted TFS Impersonation in web service

I am attempting to have an approval system where approval can go to a web site and click a button to approve workitems, which will write their current tfs username into a field in the workitem when they click the button.

I am using windows impersonation in the web application, and I have confirmed that the windows authorized user is correct when the application is running (I'll call this user "Proper User").  Strangely, in the workitem, I get the wrong user in the approver field.  The user in the approver field appears to be another user that may have previously used the system, or may currently be viewing work items through visual studio or another method (lets call her "Rogue User").  Rogue User is a different user depending on who else has been using the system.  Also, when looking at the history, I see something like:  

Edited (DesignReview to DesignApproved) by Proper User on behalf of Rogue User

Looking up this syntax, I see that it is supposed to mean that TFS Impersonation was used.  However, I am not using TFS impersonation anywhere in my code.  Here is the relevant code:

TfsTeamProjectCollection teamProjectCollection = TfsTeamProjectCollectionFactory.GetTeamProjectCollection(new Uri("http://projecturl"));

var workItemStore = (WorkItemStore)teamProjectCollection.GetService(typeof(WorkItemStore));

WorkItem workitem = workItemStore.GetWorkItem(iworkitemid);

workitem.Fields[approverfield].Value = teamProjectCollection.AuthorizedIdentity.DisplayName;

workitem.GetNextState("action");

workitem.Save();

I can confirm that the active directory user is the proper user during execution.. Any ideas why TFS would be doing this?  Is there anything I need to call to ensure the authenticated user is the same as the authorized user and windows user when I am not using impersonation?   

This is within a web service call.  The web application is using a single worker process.  Impersonation is set with  

<identity impersonate="true" /><authentication mode="Windows" /><authorization><deny users="?"/></authorization>

This is within a web service call.  

Thanks in advance for any assistance!