IIS6 not logging Authenticated Usernames

G

Guest

Hi,

A part of our ASP website is password protected. People need to create
accounts in order to gain access to the secured website. The username is
email. After the user logs in a session cookie is created. On each secured
page a check is made for session cookie. If this session cookie exists then a
user is allowed to view secured page, if not they are redirected to login
page.

In IIS 6, I checked ‘extended properties’ of W3C Extension Log File Format
and noticed that all the fields have been selected (including cs-username),
but when I look at the log files I see this field showing dashes (-) meaning
IIS 6 is not login usernames.

Can someone tell me what could be the problem here and how to fix it?

Thanks,

Joe
 
B

Bruce Barker

iis only logs the name used in Authorization header. if you are using forms
authenication, then iis has no knowledge of the user name. you could write
you own log filter to log the asp.net name.

hint: add a custom header in the response with the name that the filter can
pick up.

-- bruce (sqlwork.com)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Logging users in/out with Session object 2
Script works fine on test server but not on production server 3
Permissions on new Text File - IIS6 and Windows authentication. 1
ComException 0x80410257 logging into DB from ASP 0
logging website visits, how?? 6
Terminating a authenticated user 3
Unusual problem with Session variables in IIS6 1
Logging in to one site from another... 0

Members online

Total: 27 (members: 3, guests: 24)
Robots: 400

Forum statistics

Threads
473,755
Messages
2,569,536
Members
45,020
Latest member
GenesisGai

Latest Threads

Top