to get some information about the web site user

Soha wrote:

i building a website in a LAN which will not be published on the
internet. but the users in the LAN are accessing the web site through
an ISA firewall server. i would like to ask if there is a way to get
the ip address of the users to monitor their access to the web site. i
tried to use the servervariable REMOTE_ADDR but of course it returns
the firewall's ip address.
can any one tell how can i do get the ip address of the users to save
it in a database.

Have you tried stepping through the Request.ServerVariables collection yet?
You ought to find one in there (X_FORWARDED_FOR, for example) with another
IP address. This is not necessarily the originating IP address, since the
user could be sitting behind NAT, or some other type of proxy.

--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms. Please do not contact
me directly or ask me to contact you directly for assistance. If your
question is worth asking, it's worth posting.

If you're only inside the LAN, why not require the user to authenticate,
then you can get LOGON_USER instead, which is likely more valuable than IP
address (and in general, can be used to map back to IP address).

ASP/IIS can only see what the last hop shows it; there is no way to get back
to the original user's machine if the one exposed is the firewall.


"Soha" <se******@gmail.com> wrote in message
news:11**********************@g14g2000cwa.googlegr oups.com...

i building a website in a LAN which will not be published on the
internet. but the users in the LAN are accessing the web site through
an ISA firewall server. i would like to ask if there is a way to get
the ip address of the users to monitor their access to the web site. i
tried to use the servervariable REMOTE_ADDR but of course it returns
the firewall's ip address.
can any one tell how can i do get the ip address of the users to save
it in a database.
thank you

i did study the server variable but i didn't find any variable with the
name X_FORWARDED_FOR even on msdn web site i can't find anything
also i can't do a login page coz the site is just for view a collection
of the news and articles from the newspapers written about the place i'm
working in. so i guess it will be annoying for my college. is there any
other solution???
*** Sent via Developersdex http://www.developersdex.com ***

> also i can't do a login page coz the site is just for view a collection

You don't need to build a login page for people to authenticate. You just
turn off anonymous access, if it's all on one domain they won't have to
enter anything, otherwise IIS will take care of the prompt for you... and in
either case, now Request.ServerVariables("LOGON_USER") will be populated.

working in. so i guess it will be annoying for my college. is there any
other solution???

Aside from using login name instead of IP address? Afraid not. If this
information is not exposed, you may as well be trying to get blood from a
stone. Why do you need to know who it is, anyway?

NOTE: If you refuse to quote, I will refuse to respond further.

Soha ElSaeed wrote:

i did study the server variable but i didn't find any variable
with the name X_FORWARDED_FOR even on msdn web site i can't
find anything

Who said anything about the MSDN site? I asked if you had bothered STEPPING
THROUGH the collection. Try it.

And yes, I know MSDN says nothing about X_FORWARDED_FOR. But MSDN cannot
possibly know every header that might be sent in a request.
--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms. Please do not contact
me directly or ask me to contact you directly for assistance. If your
question is worth asking, it's worth posting.

coz my manager wants to know who accessed the site and who didn't to
punish the ones who didn't. (stubidtly)
thanks but i have to go back to the system administrator to make this
changes.

*** Sent via Developersdex http://www.developersdex.com ***

note: i'm sorry but i don't refuse to qoute i'm just new in this site so
i don't know how to qoute.i just know how to reply.

about the X_FORWARDED_FOR i thought the msdn knows the server variables
and its headers. but i'm still searching in other asp sites coz the asp
help i have now is the help from msdn.
*** Sent via Developersdex http://www.developersdex.com ***

> note: i'm sorry but i don't refuse to qoute i'm just new in this site so

i don't know how to qoute.i just know how to reply.
First off, please use a newsreader.
http://www.aspfaq.com/5007

Second, do you see the way I've included relevant portions of your message,
interspersed with my reply? This is what Dave is talking about when he says
"quote"...
about the X_FORWARDED_FOR i thought the msdn knows the server variables
and its headers. but i'm still searching in other asp sites coz the asp
help i have now is the help from msdn.

Stop "searching in other asp sites" and save this asp page as srvvar.asp:

<%
for each x in Request.ServerVariables
response.write x & "<br>" & Request.ServerVariables(x) & "<p>"
next
%>

Now, hit srvvar.asp on the server, through the firewall, from one of the
machines that you are planning to capture information from. Maybe you will
getlucky and see something like X_FORWARDED_FOR, maybe not. It all depends
on your firewall's hardware and whether or not it supports the functionality
and whether it has been enabled/configured to do so.

If these guys are all inside your LAN, why are they going through a firewall
to hit an internal app? Couldn't you just place that application inside the
firewall (or make them log in), if it is so important for the boss to know
who has visited and who has not?

A

>First off, please use a newsreader.
thank u but it seems that the system administrator has closed the nntp
coz i can't connect.and i always receive a msg saying the could not be
found. so i have to keep using the html interface for the newsgroup

second i didn't get the "X_FORWARDED_FOR" after i run the script.

[qoute]If these guys are all inside your LAN, why are they going through
a firewall to hit an internal app? Couldn't you just place that
application inside the firewall (or make them log in), if it is so
important for the boss to know who has visited and who has not?[/qoute]

third i don't know why the previous system administrator has done this
and the current system administrator is lazy to watch the firewall log
files which shows the requests the users do on web sites. so i have to
solve this problem on my own.

thank u A and thank u Dave
and Dave; i hope now u understand why i didn't qoute.
*** Sent via Developersdex http://www.developersdex.com ***

Soha ElSaeed wrote:

First off, please use a newsreader.

thank u but it seems that the system administrator has
closed the nntp coz i can't connect.and i always receive
a msg saying the could not be found. so i have to keep
using the html interface for the newsgroup

And yet it is still possible to quote from the developersdex.com
interface.
--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message.
Use of this email address implies consent to these terms. Please do not
contact me directly or ask me to contact you directly for assistance. If
your question is worth asking, it's worth posting.

*** Sent via Developersdex http://www.developersdex.com ***

>And yet it is still possible to quote from the

developersdex.com interface.

yes by copying the text and adding the > sign to the text. and again
sorry for not taking quotes


*** Sent via Developersdex http://www.developersdex.com ***