Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Integrated Auth and Anon issue

Status
Not open for further replies.
RoadRacer

RoadRacer

Programmer
Dec 18, 2000
61
US
Is there any way to get the NT's username when a person accesses a website with Anonymous access and Integrated Win Auth both enabled? I can obviously get it with only Integrated enabled but when I turn on anonymous it seems that overrides NT's auth and I can't get a username.

Any way to force NT to authenticate before Anon takes over? Ed (RoadRacer) Holguin

"I Hate Computers!"
 
Sort by date Sort by votes
The only way to get the user name is turn off the anon connection.

Chris.
 
Upvote 0 Downvote
Thanks, that's what I was afraid of. =( Ed (RoadRacer) Holguin

"I Hate Computers!"
 
Upvote 0 Downvote
With anonymous inside on a domain, it is still possible to grab username by using the

strNTUser = RTrim(Request.ServerVariables("LOGON_USER"))
iPos = Len(strNTUser) - InStr(1, strNTUser,"\",1)
strNTUser = Right(strNTUser, iPos)

variables in your ASP, but client browsers have to be configured to work properly/

If that doesn't work well, try

request.servervariables("AUTH_USER")

instead. If this still doesn't solve your problem use ADSI, which is a nice complicated but functional option if you use Active Directory.

No anonymous is still the guarenteed way though.

Galrahn
 
Upvote 0 Downvote
Thanks Galrahn, AUTH_USER is what I was using before of course and no dice. I wasn't aware of LOGON_USER however and I just tried that and it responded the same way AUTH_USER did, so no-go that way as well. What are the configuration changes for the browsers that you know about to make it work? I've looked everywhere and can't find anything short of allowing basic authentication at the risk of loosing some security. Ed (RoadRacer) Holguin

"I Hate Computers!"
 
Upvote 0 Downvote

Within IE, try go to the Tools | Internet Options.

Then select the Security Tab.

Highlight Trusted Sites, and add your website to the zone, disable https requirement if necessary.

Then choose the 'custom level...' option, and verify that User Authentication is set to "Automatic Logon with current Username and Password." This is a default setting with IE 6.0 for Trusted Sites.

Then see if it works with your ASP veriables.

Have you thought about adding an include or some other non anonymous something within your page that via script requests pass-through authentication. A couple years ago I worked for a company that had a picture on the front page that would animate if you authenticated via pass-through authentication, but was not animated if you didn't. Basically he removed anonymous access to the picture, so if the user authentication failed it defaulted to the plain jane picture instead of a 404 on that particular page. I imagine there are better ways to do that type of thing today.

 
Upvote 0 Downvote
Interesting ideas, I'm going to try them out and I'll post what I find later today. Thanks!

I kinda like that picture idea, sneaky! Ed (RoadRacer) Holguin

"I Hate Computers!"
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

techbrain1
  • Locked
  • Question
Trust relationship issue 1
Replies
3
Views
774
araheusaff
araheusaff
pomazip
  • Locked
  • Question
Windows Server 2019 mac address issue
Replies
2
Views
914
pomazip
pomazip
bechna
  • Locked
  • Question
Windows Server and VPN Setup
Replies
1
Views
319
DrB0b
DrB0b
telecotek1
  • Locked
  • Question
strange DNS issue
Replies
1
Views
423
telecotek1
telecotek1
kbryii
  • Locked
  • Question
AD and DHCP issue
Replies
1
Views
258
gbaughma
gbaughma

Part and Inventory Search

Sponsor

Back
Top