Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here


conditional windows authentication

conditional windows authentication

conditional windows authentication

in classic asp, is there any way that I can have my site set for anonymous access, but under certain conditions, force a windows authentication?

I have one file /db/db.asp that contains my database login function, which currently uses a fixed account, but if the user that has logged into my site is a employee, then I would like to use windows authentication to be able to use their login for the database connection instead of using the default account. This is because I need to improve the accuracy of my logging functions (mostly in triggers). Showing WEBSERVER as the user is fine for external users, but I need to be able to log employees transactions with more detail

The only solution I have been able to find is to move all password protected parts to a sub folder, then have a virtual folder linked to it, so that one uses anonymous and the other uses windows auth, then have the login script redirect to the appropriate folder, but this will involve tracting down every link through the site that uses an absolute reference, as well as tracing down links in 3 other sites, and finding links stored in several tables in the database as well, so I'm looking for a way that will allow me to keep the site structure as is,

RE: conditional windows authentication

Nothing really to do with ASP, Classic or not. Windows Authentication is done at server level not at application level.

Whilst you can get the authenticated user from the environment variables, it doesn't work in the opposite direction, and for ASP to communicate with Active Directory using LDAP the webserver needs to be a running as a Domain Controller, which is probably not the best idea for an "external facing" webserver. :D
Back in the days when I had to do that sort of thing as a wage slave, I did play around with running a internal only web site on a secondary DC (Windows 2K) that would accept a POST request from the web box for user authentication. Never completed it though because the company and I decided to have a trial separation, and oddly enough I've never felt the urge for a reconcilliation.

Posting the question forum41: Microsoft: Internet Information Server might yield better answers


Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close