[thelist] setting LOGON_USER variable

Ken Schaefer ken at adOpenStatic.com
Wed Dec 3 18:15:04 CST 2003


You can't set the Request.ServerVariables("Logon_User") variable.

a) The Request object's collections are *always* read-only. The data in that
collection pertains to the current request, eg the page requested by the
browser, the POST or GET data set by the user, the user-agent string etc.
You can't *change* any of these things on the server because they are all
about the HTTP request from the client. To send things back to the client
you use the Response object.

b) The "Logon_User" variable relates to the user account name that the
user's browser is sending to the server when the server tells the user that
they need to authenticate to see the webpage. When you go to a site, and a
little box pops up asking for a username/password, the username that is
entered is sent by the browser to the server as part of the HTTP request
headers, and is placed by IIS in to the Request.ServerVariables collection.

c) If you have an ISAPI filter you can rewrite the incoming request to
include a username/password combination if you want. ASP will think that the
user has sent a username even though the user hasn't.

d) Otherwise, if you have some other authentication system, then that system
should be able to tell you what user the user has authenticated as.

HTH

Cheers
Ken

Microsoft MVP - Windows Server (IIS)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "Sweta" <sweta_gupta at persistent.co.in>
Subject: [thelist] setting LOGON_USER variable


: Hi there,
: I came across the site
: http://lists.evolt.org/archive/Week-of-Mon-20011203/062980.html.
: Even i am trying to set LOGON_USER. I want to ask is
: LOGON_USER a server variable or an IE/Netscape browser's
: variable??? Also, is there any way this variable can be set
: explicitly.
:
: I have a differnt tool for authentication sitting on the IIS
: web-server.I want to bypass the IIS authentication and at
: the same time i want the LOGON_USER variable to be set.
: You have any idea, how can this be done??? (since
: anonymous logon should be checked for former and
: unchecked for latter) Please help.
:
: Please reply asap,
: Regards,
: Sweta



More information about the thelist mailing list