logon user server variable

[pachucos]

I have a web page that calls out and does a <%=REQUEST.SERVERVARIABLE(&quot;LOGON_USER&quot%>
which works fine if I disable anonymous access.which then makes all users login. But this page will be a INTRANET page that only users on the inside have access to. I would like to create the page so that no user has to login. Is there a way to get the Logon User ID without haveing to login? I am using Windows 2K3 and IIS6.
any help would be greatly helpful.

 

[foxbox]

No.

REQUEST.SERVERVARIABLE(&quot;LOGON_USER&quot only works when the user fills in the Network Login window.
If you need to limit access to certain pages you have to ask your user to enter login information, be it in this Network Login window or a login page. Otherwise your user is IUSR_<servername>
There are pros and cons to both methods (IMHO): the network login does not require additional programming, NTFS rights can do a lot, etc. But 1 typical problem is that you can not really 'logoff' once you entered your network login (you must close all browser windows first).
Validating users with a login page is a classic, after that you set a session variable to true and start every page with a check on that variable (if not true then redirect to login page). But when you are not able to check your users directly in AD, then maybe this is a HOAJ when you have zillions of users.








hth,
Foxbox

 

[pachucos]

cool
Thank you for the info. I will look into doing something like you said. At least i know now.