|
Click to See Complete Forum and Search --> : Reading who is logged on - howto? vdv 09-16-2003, 01:54 PM Hello, How to retrieve info about who is logged on a PC which is accessing an ASP page? :confused: So that I don't need them to log on that site. Is it achieved only through ADSI? If so - how? Flashjunky 09-17-2003, 10:26 AM user = request.serverVariables("LOGON_USER") then compare user to a list of people you have to see if they need to login or not. Typically I store allowed username in a DB, do a compare and then set a session variable.. vdv 09-20-2003, 07:07 PM qool :D ... but... I doesn't work. I mean the variable is empty... Do I need to setup someting on IIS? rdoekes 09-21-2003, 03:38 AM Yes, In directory security, -anonymous access and authentication control, click edit -check off, anonymous access, check on, basic authentication This requires the user to log in when accessing the application. Note: the passwords and usernames are send to the network unencrypted, so package sniffers can read the login credentials. Now, you are able to use the HTTP header LOGON_USER. When users enter the site using anonymous access, all the requests are impersonated as IUSR_[Machine Name], giving you no information about which PC logged in in the LOGIN_USER HTTP header. Hope this helps, -Rogier Doekes vdv 09-22-2003, 03:28 PM OK, thanx, I found that too :) But still I have trouble... LOGON_USER contains data like this: PCNAME/USERNAME but the PCNAME is always the PC with IIS running. And USERNAME is not the one logged on a PC accessing the asp page. Tested on 2 PCs running XP pro. Connected via single Ethernet cable. Flashjunky 09-23-2003, 03:30 AM What happens is LOGON_USER returns the login domain and username. It seems that you either haven't enabled basic authentication or haven't disabled anonymous authentication. Keep trying and let us know how you're getting on :D vdv 09-23-2003, 12:15 PM Hmm.. Basic auth requires user to logon. This is not my aim. I want to be able to get windows login under which a PC is asccessing ASP page. ie. PC1 - serwer, PC2 - some windows PC. They are in the same domain. User logs into PC2 using his login: 'frank' Then he runs IE and opens an ASP page which is on PC1. PC1 checks who is accesing this page and finds it is PC2, then (or simltaneoulsy?) check who is logged on that PC and finds out it is 'frank'. Then it can check whether that user has access to database etc... Another thing I might need is to check somehow to which Windows domain user groups does belong specified user. Based on that the users will have access to different pages, and different content will show on these pages. vdv 09-23-2003, 12:17 PM I think that if IIS runs on domain server then this works perfectly with windows logging option on in IIS settings. webdeveloper.com
Copyright Internet.com Inc., All Rights Reserved. |
|