[thelist] Re: ASP LOGON_USER Variable

Scott Dexter sgd at ti3.com
Wed Dec 5 13:33:31 CST 2001


> if the user is connecting from within the same domain and has 
> been granted
> access to the resource, the authentication is transparent; 
> otherwise if the
> user is connecting from another domain, the user will be 
> prompted initially
> for username, password, and domain (iirc), but just once (I'm 


yeah, this is pretty much the case in an intranet environment (IE will
do the authentication under the covers automagically); the LOGON_USER is
an environment variable that will get populated as a result of this
authentication. You can't populate it explicitly. (IE and its 'zones'
--Netscape will throw up the login popup regardless. Oh, and it can't do
NTCR)

You can also leave anonymous access on, but on the folder/files in the
file system tweak the permissions such that Guest/IUSR_<machinename>
can't get to them (remove "Everyone" and add in your domain groups as
needed).

I haven't looked at the link that was sent earlier, maybe there's
something in there that you can lean on.

hth
sgd




More information about the thelist mailing list