Link to home
Start Free TrialLog in
Avatar of Peter Chan
Peter ChanFlag for Hong Kong

asked on

Capture logon name

Hi,
Is there a way to detect/capture logon name (to the machine) of current user, from one Web page, once the user has located to that Web page?
Avatar of Julian Hansen
Julian Hansen
Flag of South Africa image

Do you mean the name they logged on to the local machine with?
For security reasons I don't think this is possible. Firefox has an API for writing plugins to the browser - but I don't believe this is available in web pages. This will also be specific to Firefox
https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEnvironment

IE there may be an ActiveX control - but that would need to be present on the client machine.
Avatar of Peter Chan

ASKER

Yes, but to detect such from relevant Web page.
You will not be able to capture login name unless they log in to site using their Windows credentials
Yes, but to detect such from relevant Web page.
As I said - I don't think this is possible.
HI,

There are different ways to approach for you need, The below are the PHP based code to get the logged in current system username in a webpage

1) Using php environment variable
<?php  global $_ENV; var_dump($_ENV); ?>

Open in new window


2) Using dom object
<php?
 $obj = new COM("wscript.network"); 
 echo $obj->username;
?>

Open in new window

You need to estabilish NTLM login in your web server (which has to be in same domain as users, and not reachable by general public)
it will only be shown client-side and not echoed back to your server
ASKER CERTIFIED SOLUTION
Avatar of Julian Hansen
Julian Hansen
Flag of South Africa image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
You will not be able to capture login name unless they log in to site using their Windows credentials or alternative login mechanism
Avatar of Member_2_276102
Member_2_276102

If I saw a site that did it, the security violation would be reported. A security patch would probably be soon released, and the site would no longer be able to do it.