?
Solved

ASP Classic and Basic Authentication

Posted on 2010-08-27
2
Medium Priority
?
892 Views
Last Modified: 2012-05-10
I have an ASP Classic web site that is running on an IIS that is setup for Basic Authentication with anonymous access disabled.  I also have a login script that requires the user to type in a username and then validates it across active directory for their password, once validated it then creates several cookies to be used throughout the site.

Right now when you navigate to the site for the first time, you have to login to the windows authentication prompt, then login again at my login page.  Is there a way to capture the basic authentication username and password and have it pass to the login I already have?

I have included some of the code that I am using for the login validation page.
'**************************
'Active Directory CheckSum
'**************************	
On Error Resume Next	
if (not strUserName= "") then
		
	strADsPath = "WinNT://" & strADsPath
	Dim oADsObject  
	Dim tempstr
	tempstr = strDomain & "\" & strUserName
	
	Set oADsObject = GetObject(strADsPath)
	
	Dim strADsNamespace
	Dim oADsNamespace
	strADsNamespace = left(strADsPath, instr(strADsPath, ":"))
	set oADsNamespace = GetObject(strADsNamespace)
	Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, tempstr, strPassword, 0)
	
	if not (Err.number = 0) then				
		Response.redirect"login.asp?Message=Please provide a correct login name<br>or system password for the " & strDomain & " domain!<br>"
		'response.write err.description & "<p>"
		if err.number = -2147022987 then ' for account logout
			Response.write "<strong>Your account has been logged out!</strong>"
		end if
		
	else				
		Dim strProj, Objrs
		Set Objrs = Server.CreateObject("ADODB.Recordset")
		Call OPEN_DB
		If AreYouATech = 1 Then
			strProj = "SELECT * FROM tblTechnician Where username = '" & StrUserName & "'"
		Else
			strProj = "SELECT * FROM tblNonTechnician WHERE ClientEmplID = " & StrUserName
		End If
		Set Objrs = MyConn.Execute(strProj)
		
		If NOT Objrs.EOF Then
			If AreYouATech = 1 Then
				'Cookies Go Here
			Else
				Dim RSClient, SQLClient
				Set RSClient = Server.CreateObject("ADODB.Recordset")
				Call OPEN_DB
				SQLClient = "SELECT * FROM tblClient WHERE ClientEmplID = " & StrUserName
				Set RSClient = MyConn.Execute(SQLClient)
				
				'Cookies Go Here
			End If
		Else
			Set Objrs = Nothing
			Set ObjConn = Nothing
			Response.redirect"login.asp?Message=Invalid UserName! Please try again"
		End If
	End If
End If

Open in new window

0
Comment
Question by:LouSch7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 14

Expert Comment

by:wolfman007
ID: 33542940
Request.ServerVariables("LOGON_USER") will pick up the username for the user when you are using Basic Authentication

see the following website

Authentication Methods in IIS
http://www.4guysfromrolla.com/webtech/020201-1.shtml
Request.ServerVariables("LOGON_USER")

Open in new window

0
 
LVL 14

Accepted Solution

by:
wolfman007 earned 2000 total points
ID: 33542995
You could also try using

Request.ServerVariables("AUTH_USER") Returns the raw authenticated user name

Request.ServerVariables("AUTH_PASSWORD") Returns the value entered in the client's authentication dialog

ASP ServerVariables Collection
http://www.w3schools.com/asp/coll_servervariables.asp
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question