Help needed - ASP with windows integrated authentication

S

sorin

I developed some simple ASP 3.0 pages to add some operative functionality to
my app. I configured IIS to use windows integrate authentication for this
pages and it's working just fine.

For security reasons (audit) I need to trace down the username that
requested this page. I already have a custom service called from ASP page
that trace down some data I need. It's there a way to find out what is the
windows username that requested the page so I can pass this information to my
audit function?

Any help it's appreciated!

Best Regards.

Sorin
 
B

Bob Barrows [MVP]

sorin said:
I developed some simple ASP 3.0 pages to add some operative
functionality to my app. I configured IIS to use windows integrate
authentication for this pages and it's working just fine.

For security reasons (audit) I need to trace down the username that
requested this page. I already have a custom service called from ASP
page that trace down some data I need. It's there a way to find out
what is the windows username that requested the page so I can pass
this information to my audit function?

Any help it's appreciated!

Best Regards.

Sorin
Click to expand...

Response.Write request.servervariables("logon_user")

This will only contain a value if Anonymous access is disabled.

For more, look up ServerVariables at msdn.microsoft.com/library

Bob Barrows
 
J

Jim in Arizona

--SNIP--
Response.Write request.servervariables("logon_user")

This will only contain a value if Anonymous access is disabled.

For more, look up ServerVariables at msdn.microsoft.com/library

Bob Barrows
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
Click to expand...

I've been using Request.ServerVariables("AUTH_USER"), which returns the same
information as LOGON_USER. Is there any advantage to using one over the
other?

Jim
 
B

Bob Barrows [MVP]

Jim said:
--SNIP--

I've been using Request.ServerVariables("AUTH_USER"), which returns
the same information as LOGON_USER.
Click to expand...

Not always
Is there any advantage to using
one over the other?
Click to expand...
From msdn library:
AUTH_USER Raw authenticated user name.
LOGON_USER The Windows account that the user is logged into.

As you say, they may contain the same information, esp. if Anonymous is
turned off. One is more explicit than the other (its definition, that is)

Bob Barrows
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

I need help in understanding these files on my phone, Could someone help me understand these files? Urgent help needed. Please help. 1
Integrated Windows authentication fails sporadically IE7 clients 9
ASP.NET Integrated Windows Authentication 2
Integrated Windows Authentication not working 1
integrated Windows authentication 4
Integrated authentication login window 0
[C Language] Need help transferring Linux CodeBlocks Project to Windows CodeBlocks Project 1
WCF and Integrated Windows Authentication 7

Members online

No members online now.
Total: 40 (members: 1, guests: 39)
Robots: 621

Forum statistics

Threads
473,769
Messages
2,569,581
Members
45,056
Latest member
GlycogenSupporthealth

Latest Threads

Top