|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
What dictates whether the LOGON_USER Server Variable is sent?I'm using IIS 5.1 and I am trying to gain an understanding of what dictates whether a client sends logon credentials, in order for the Server Variable LOGON_USER to be accessible (i.e. contain useful info)? The current setup I'm working with is as follows ... There are ASP pages stored in DirRoot/ASPdir. There's an ASP.NET project located in DirRoot/ASPNETdir. The ASP pages and the ASP.NET pages refer to each other and both make use of the Server Variable LOGON_USER. ASPTest is a virtual directory mapping to the ASP directory - DirRoot/ASPdir. ASPNETTest is a virtual directory mapping to the ASP.Net directory - DirRoot/ASPNETdir. The application start page is located in the ASP.Net directory. My assumption was that in order for this setup to work and the LOGON_USER server variable to be accessible by both the ASP and the ASP.NET pages, BOTH of these virtual directories would have to use Windows Integrated Authentication. Whilst playing I've noticed that if the ASPTest virtual directory is set to use Anonymous Authentication the setup works, however not consistently. This behaviour is the same for both FireFox and IE. As this behaviour is inconsistent I would like to get a full understanding of what is happening. So what factors affect whether LOGON_USER is accessible? Many thanks in advance! Cheers Nick <nickbdav***@gmail.com> wrote in message
news:1147875139.118038.170750@j55g2000cwa.googlegroups.com... To answer your question. This depends on whether or not anonymous > Hi > > I'm using IIS 5.1 and I am trying to gain an understanding of what > dictates whether a client sends logon credentials, in order for the > Server Variable LOGON_USER to be accessible (i.e. contain useful info)? authentication is on or of. If it is off, LOGON_USER equals the user that logged on, if succeeded. Show quoteHide quote > > The current setup I'm working with is as follows ... > > There are ASP pages stored in DirRoot/ASPdir. > > There's an ASP.NET project located in DirRoot/ASPNETdir. > > The ASP pages and the ASP.NET pages refer to each other and both make > use of the Server Variable LOGON_USER. > > > > ASPTest is a virtual directory mapping to the ASP directory - > DirRoot/ASPdir. > > ASPNETTest is a virtual directory mapping to the ASP.Net directory - > DirRoot/ASPNETdir. > > The application start page is located in the ASP.Net directory. > > > My assumption was that in order for this setup to work and the > LOGON_USER server variable to be accessible by both the ASP and the > ASP.NET pages, BOTH of these virtual directories would have to use > Windows Integrated Authentication. Whilst playing I've noticed that if > the ASPTest virtual directory is set to use Anonymous Authentication > the setup works, however not consistently. > > This behaviour is the same for both FireFox and IE. > > As this behaviour is inconsistent I would like to get a full > understanding of what is happening. So what factors affect whether > LOGON_USER is accessible? > > Many thanks in advance! > > Cheers > > Nick > Thank you for your reply. What I'm wondering though is why LOGON_USER
sometimes contains information when anonymous authentication is on. Cheers Nick Logon_User is populated by the server based on the what the client sends to
the server. The client does not send Logon_User to the server per se. If you visit a page that requires authentication, then for subsequent requests to that server your browser will continue to send the same credentials. If a file accepts both "anonymous" requests and "authenticated" requests (e.g. Basic, IWA), and your browser sends credentials, then Logon_User will be populated by IIS. Cheers Ken Show quoteHide quote "Nick" <nickbdav***@gmail.com> wrote in message news:1147885653.451205.16100@i39g2000cwa.googlegroups.com... > Thank you for your reply. What I'm wondering though is why LOGON_USER > sometimes contains information when anonymous authentication is on. > > Cheers > > Nick > 
Other interesting topics
Service principal name (SPN) / Active Directory Problem
IIS6, Windows Integrated Authentication, Denied access Integrated Windows Authority setting causing IIS 6.0 to crash Authenticate web access based on IP address in IIS5 Integrated Authentication with trusted domain. HTTPS : Secured and non secured item with absolute path Multiple SSL Sites on One Web Server Running on Port 443 Multiple secured web servers on same IP require multiple certificates? MS Powerpoint AppPool Identity IIS6 security problem |
|||||||||||||||||||||||
