I I have a web application with IIS set to anonymous access and Integrated Windows Authentication switched on - this is an intranet app.
Once people have hit the site I want to be able to give them customised content according to who they are using possibly Request.ServerVariables("LOGON_USER") And Request.ServerVariables("AUTH_USER"). I plan to use these to identify who they are and then deliver customised content.
I am worried about these being spoofed though eg:
telnet localhost 80
GET /default.asp HTTP/1.1
Obviously the above telnet example won't work as it won't get authenticated but you see my general concern.
I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:
The Exchange of information …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…