[thelist] Re: ASP LOGON_USER Variable
Scott Dexter
sgd at ti3.com
Wed Dec 5 13:33:31 CST 2001
> if the user is connecting from within the same domain and has
> been granted
> access to the resource, the authentication is transparent;
> otherwise if the
> user is connecting from another domain, the user will be
> prompted initially
> for username, password, and domain (iirc), but just once (I'm
yeah, this is pretty much the case in an intranet environment (IE will
do the authentication under the covers automagically); the LOGON_USER is
an environment variable that will get populated as a result of this
authentication. You can't populate it explicitly. (IE and its 'zones'
--Netscape will throw up the login popup regardless. Oh, and it can't do
NTCR)
You can also leave anonymous access on, but on the folder/files in the
file system tweak the permissions such that Guest/IUSR_<machinename>
can't get to them (remove "Everyone" and add in your domain groups as
needed).
I haven't looked at the link that was sent earlier, maybe there's
something in there that you can lean on.
hth
sgd
More information about the thelist
mailing list