Link to home
Start Free TrialLog in
Avatar of smert
smert

asked on

Determine authenticated user in SBS2003 RWW

Hi all,

I'm not sure if this is the correct place to ask this as it covers 3 topic areas but....

I am trying to write a system to determine who is currently logged into Remote Web Workplace in SBS2003. What I am intending is create an ASP page that is called via an AJAX call from the client.aspx file. The ASP file will take the authenticated user and store their details in a database. A similar call from the logout page will then update the DB with the log out time.

My problem is finding out the authenticated user details. All the ServerVariables relating to users are empty.

Thanks
Avatar of deighc
deighc

If you set the ASP web application to use Windows Integrated authentication and disable anonymous access then the end users will automatically be authenticated against their NT domain accounts and you can then get the username and domain of the end user from the "LogOn_User" ServerVariable (these settings are found in the IIS admin console).

If you need additional information about the end user then you'll need to read this out of the Active Directory.
Avatar of smert

ASKER

Thanks deighc,

That's exactly what I thought I would have to do, but unfortunately no dice. As I said previously the servervariable is empty. If I turn off anonymous access then the users have to put their username/password into the standard dialog before they get to the RWW login screen, where they have to put it in again.

I am starting to think because the RWW is a .NET application using Forms based authentication, I cannot get access to any of the internal variables, and because the application is precompiled and I don't have the source code, I can't change the original app.

What I need is a way of accessing the Forms based authentication details from classic ASP as I can't change the .Net app.
Avatar of smert

ASKER

I have just worked out a method! The welcome text at the top of the rww homepage is a variable that I can pass through to my classic asp page via the ajax call!

The variable is of the form: Welcome, Firstname Surname.
So it is just a case of stripping the string down to: Firstname Surname and storing in the DB along with a sessionID, then from the logout page I can retrieve the sessionID and update the DB!

Unless there is a more elegant way!
@smert -
>>>I have just worked out a method! The welcome text at the top of the rww homepage is a variable that I can pass through to my classic asp page via the ajax call!

The variable is of the form: Welcome, Firstname Surname.
So it is just a case of stripping the string down to: Firstname Surname and storing in the DB along with a sessionID, then from the logout page I can retrieve the sessionID and update the DB!

Unless there is a more elegant way!


--
I can atleast comment that this is not a stable solution as you may find people with same names and once you do your system will misbehave. Rest OI dont know muich abt RWW .. so cannot comment on hjow you can get the logged in user.
create a new aspx page withing RWW application whcih willl display list of all session variables... this way we may get a hint into whether they are maintainiing the state using sessions or some other technique.

Something like this will do

Dim obj as obj
For each obj in Session.Contents
   Response.Write (Session.Contents (obj))
Next


The syntax maybe wrong but you will get an idea what I mean.

HTH

one thing i forgot to mention, you will have to call this new page once you login to the RWW application.
Avatar of smert

ASKER

Thanks randeeps.

>...you may find people with same names...
We only have a limited number of users who all have different names so that isn't a problem!

>create a new aspx page withing RWW application
Because the RWW is a compiled .Net app, the session variables are limited to within the .Net app and I can't alter it.

The solution I have seems to be working though!
>>>...you may find people with same names...
We only have a limited number of users who all have different names so that isn't a problem!

You are doing a typical mistake of not looking ahead in time that there maybe a possibility of same names.


>>>create a new aspx page withing RWW application
Because the RWW is a compiled .Net app, the session variables are limited to within the .Net app and I can't alter it.

So what if it is compiled. You can still create the new aspx page (dont use codebehind) and do the suggested coding in it to get the list of session variables and call that page after you log in to the RWW application. This change does not require you to have the source code of the application. Why besatisfied with a workaround when you can develop a stable solution which will take caer of 1st pt above.

Rest you know better.

Cheers
ASKER CERTIFIED SOLUTION
Avatar of GranMod
GranMod

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial