«

I developed some simple ASP 3.0 pages to add some operative functionality to
my app. I configured IIS to use windows integrate authentication for this
pages and it's working just fine.

For security reasons (audit) I need to trace down the username that
requested this page. I already have a custom service called from ASP page
that trace down some data I need. It's there a way to find out what is the
windows username that requested the page so I can pass this information to my
audit function?

Any help it's appreciated!

Best Regards.

Sorin

sorin wrote:
> I developed some simple ASP 3.0 pages to add some operative
> functionality to my app. I configured IIS to use windows integrate
> authentication for this pages and it's working just fine.
>
> For security reasons (audit) I need to trace down the username that
> requested this page. I already have a custom service called from ASP
> page that trace down some data I need. It's there a way to find out
> what is the windows username that requested the page so I can pass
> this information to my audit function?
>
> Any help it's appreciated!
>
> Best Regards.
>
> Sorin

Response.Write request.servervariables("logon_user")

This will only contain a value if Anonymous access is disabled.

For more, look up ServerVariables at msdn.microsoft.com/library

Bob Barrows
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

--SNIP--
>
> Response.Write request.servervariables("logon_user")
>
> This will only contain a value if Anonymous access is disabled.
>
> For more, look up ServerVariables at msdn.microsoft.com/library
>
> Bob Barrows
> --
> Microsoft MVP - ASP/ASP.NET
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>

I've been using Request.ServerVariables("AUTH_USER"), which returns the same
information as LOGON_USER. Is there any advantage to using one over the
other?

Jim

Jim in Arizona wrote:
> --SNIP--
>>
>> Response.Write request.servervariables("logon_user")
>>
>> This will only contain a value if Anonymous access is disabled.
>>
>> For more, look up ServerVariables at msdn.microsoft.com/library
>>
>>
>
> I've been using Request.ServerVariables("AUTH_USER"), which returns
> the same information as LOGON_USER.

Not always

> Is there any advantage to using
> one over the other?
>
From msdn library:
AUTH_USER Raw authenticated user name.
LOGON_USER The Windows account that the user is logged into.

As you say, they may contain the same information, esp. if Anonymous is
turned off. One is more explicit than the other (its definition, that is)

Bob Barrows
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.