Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   ASP General (http://www.velocityreviews.com/forums/f65-asp-general.html)
-   -   Help needed - ASP with windows integrated authentication (http://www.velocityreviews.com/forums/t797709-help-needed-asp-with-windows-integrated-authentication.html)

sorin 01-24-2005 01:21 PM

Help needed - ASP with windows integrated authentication
 
I developed some simple ASP 3.0 pages to add some operative functionality to
my app. I configured IIS to use windows integrate authentication for this
pages and it's working just fine.

For security reasons (audit) I need to trace down the username that
requested this page. I already have a custom service called from ASP page
that trace down some data I need. It's there a way to find out what is the
windows username that requested the page so I can pass this information to my
audit function?

Any help it's appreciated!

Best Regards.

Sorin

Bob Barrows [MVP] 01-24-2005 01:52 PM

Re: Help needed - ASP with windows integrated authentication
 
sorin wrote:
> I developed some simple ASP 3.0 pages to add some operative
> functionality to my app. I configured IIS to use windows integrate
> authentication for this pages and it's working just fine.
>
> For security reasons (audit) I need to trace down the username that
> requested this page. I already have a custom service called from ASP
> page that trace down some data I need. It's there a way to find out
> what is the windows username that requested the page so I can pass
> this information to my audit function?
>
> Any help it's appreciated!
>
> Best Regards.
>
> Sorin


Response.Write request.servervariables("logon_user")

This will only contain a value if Anonymous access is disabled.

For more, look up ServerVariables at msdn.microsoft.com/library

Bob Barrows
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"



Jim in Arizona 01-24-2005 04:13 PM

Re: Help needed - ASP with windows integrated authentication
 
--SNIP--
>
> Response.Write request.servervariables("logon_user")
>
> This will only contain a value if Anonymous access is disabled.
>
> For more, look up ServerVariables at msdn.microsoft.com/library
>
> Bob Barrows
> --
> Microsoft MVP - ASP/ASP.NET
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>


I've been using Request.ServerVariables("AUTH_USER"), which returns the same
information as LOGON_USER. Is there any advantage to using one over the
other?

Jim



Bob Barrows [MVP] 01-24-2005 06:42 PM

Re: Help needed - ASP with windows integrated authentication
 
Jim in Arizona wrote:
> --SNIP--
>>
>> Response.Write request.servervariables("logon_user")
>>
>> This will only contain a value if Anonymous access is disabled.
>>
>> For more, look up ServerVariables at msdn.microsoft.com/library
>>
>>

>
> I've been using Request.ServerVariables("AUTH_USER"), which returns
> the same information as LOGON_USER.


Not always

> Is there any advantage to using
> one over the other?
>

From msdn library:
AUTH_USER Raw authenticated user name.
LOGON_USER The Windows account that the user is logged into.

As you say, they may contain the same information, esp. if Anonymous is
turned off. One is more explicit than the other (its definition, that is)

Bob Barrows
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.




All times are GMT. The time now is 10:30 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.