How to grab the session("LOGON_USER") variable in .NET 2

[CatManDave]

Let me first apologize for the very basic question. I am new to .NET and I need to grab the logon ID of users as they load an Intranet application. In old ASP Classic it was simple:

USER_ID = Session("LOGON_USER")

Is there something simliar in .NET? I looked through the 1 million article hits in a MSDN search and natrually found nothing. I also looked through the forums here but didn't find anything on it.

Thanks in advance for your help,
.NET Rookie

 

[yu217171]

Hi,

Are you referring to the Windows login name or are you referring to saving a local variable to a Session variable ?

Keith

 

[dragonwell]

Request.ServerVariables("LOGON_USER")

is probably what you are looking for. This key will only be available if the application's virtual directory is set to "Integrated Windows Authentication" in IIS.

ServerVariables are actually deprecated in .NET. The preferred way is to simply use [ignore]HttpContext.Current.User.Identity.Name[/ignore] (or, from a asp.net page, simply User.Indetity.Name)

which should return a "DOMAIN\UserName" value.

Hope that helps

Greetings,
Dragonwell

 

[CatManDave]

Thanks dragonwell. Worked as advertised.
-Dave

 

[OracleVictim]

Boy this is just what I'm trying to do. All I want is the name of the user accessing the page. I've embedded
"Request.ServerVariables("LOGON_USER")" in my page load event and get nothing. It looks like I'm probably set to accept an annonymous login and that may be my problem. However, I don't know how to change that (if this is my problem).

Any clues?

Thanks

OracleVictim

 

[CatManDave]

Sure. Go to your Default Web Site under IIS. Then find your web app and right click for properties. You'll see the Directory Security tab. Click on it. CLick on the Anonymous Access button and make sure that ONLY the Integrated Security check box is checked. That will force the NT login your way when you do the RequestServerVariable("LOGON_USER") command.

That should do it.

 

[OracleVictim]

Thanks

Frankly, the Microsoft documentation on many things leave much to be desired (understatement). Advice from folks like yourself is what makes working with this stuff tolerable.

Thanks again

OracleVictim

 

[LilProgrammerGirl]

Hi all,
I would like to do this same thing. However, If I change the security to not allow anonymous logins - my connection to my SQL Server won't work! Is there another way to do this? Or would I have to add in EVERYONE to my sql server's access?

Otherwise, I have a vbs script that when you double click on it - it will grab the username.. but how do I call this from asp and pass that to a variable on my asp page?

Thanks,
Hailey

 

[jzelhart]

Hailey,

I would create a user in the SQL Server and use that login and password to connect to the SQL Server. (Hopefully your SQL Server was setup to do both kinds of users (Windows and SQL Server).

Be careful setting the Anonymous user to have rights in your SQL Server, I would think it could be hacked with very little effort.

Hope this helps.

Hope everyone is having a great day!

Thanks - Jennifer