We have an existing ISAPI filter that performs authentication for all pages
on our web site, including pages we are now writing for ASP.NET. The filter
is pretty basic, receiving the user name and password in clear text and
checking them against a database of users. The filter has been in use for
some time with classic ASP pages.
From classic ASP pages, the application can retrieve the login name that the
user entered from Request.ServerV ariables("AUTH_ USER"), which I assume
simply parses the http Authorization header. The account used by the
authentication filter for impersonation can be retreived using
Request.ServerV ariables("LOGON _USER").
The problem we are running into with ASP.NET is that no matter what
authentication mode we set in the Web.Config file (Windows or None), we are
having problems accessing the login name entered by the user.
Request.ServerV ariables("AUTH_ USER") will always return blank, and
IIdentity.Name will either be blank or will contain the name of the
impersonation account.
We were planning on writing our own implementation of the IPrincipal and
IIdentity interfaces so that we can set the IIdentity.Name property
correctly, but I am trying to figure which authorization mode is correct and
how we should extract the login name entered by the user. I would prefer to
not parse the http headers in our code just to extract the login name, but I
can't find any other way to do it.
Any suggestions?
TIA
MJS
1  7226 
I have the exact same problem and I am considering what to do.
I don't have a clean solution, but as a workaround I am thinking of doing something like this:
1. In Global.asax in Session_Start check Session for some value like say "REAL_USER_NAME "
2. If it is not there then do a redirect to a *.asp page that will pick up AUTH_USER server variable (that does actuall have the value I want since it is a normal ASP page and not ASP.NET)
3. Pass the value you got in the *.asp page to an *.aspx page in the query string and that *.aspx page can put it in the Session object
4. Redirect from the *.aspx page above to the page that originally started the mess.
This will create an overhead at the session start and does not look very elegant.
Hope somebody has a better idea.
We have an existing ISAPI filter that performs authentication for all pages
on our web site, including pages we are now writing for ASP.NET. The filter
is pretty basic, receiving the user name and password in clear text and
checking them against a database of users. The filter has been in use for
some time with classic ASP pages.
From classic ASP pages, the application can retrieve the login name that the
user entered from Request.ServerV ariables("AUTH_ USER"), which I assume
simply parses the http Authorization header. The account used by the
authentication filter for impersonation can be retreived using
Request.ServerV ariables("LOGON _USER").
The problem we are running into with ASP.NET is that no matter what
authentication mode we set in the Web.Config file (Windows or None), we are
having problems accessing the login name entered by the user.
Request.ServerV ariables("AUTH_ USER") will always return blank, and
IIdentity.Name will either be blank or will contain the name of the
impersonation account.
We were planning on writing our own implementation of the IPrincipal and
IIdentity interfaces so that we can set the IIdentity.Name property
correctly, but I am trying to figure which authorization mode is correct and
how we should extract the login name entered by the user. I would prefer to
not parse the http headers in our code just to extract the login name, but I
can't find any other way to do it.
Any suggestions?
TIA
MJS
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Aaron |
last post by:
whats the difference between an isapi filter and isapi extension?
thanks
|
by: Cybermedia Marketing |
last post by:
I'm trying to convert an ISAPI filter to an httpmodule. The ISAPI filter
added custom headers to the response which could later be accessed by the
asp page.
ISAPI Filter:
pvPrep->SetHeader(pfc, "Instance-Id:", info->instance_id);
pvPrep->SetHeader(pfc, "Company-Id:", info->company_id);
pvPrep->SetHeader(pfc, "Primary:", info->hostname);
pvPrep->SetHeader(pfc, "Profile:", buffer);
|
by: Boris Condarco |
last post by:
Hi gurus,
I was reading some documentation about security in .NET Framework, it
mention that it is possible to make custom Role Based security for example:
check the authentication with Windows Integrated and once do that, create a
Generic Identity in orde to create a Generic Principal with custom roles for
that user. Finally, replace the current Principal to the new Generic
Principal.
Is it possible to do this in an ASP.NET...
|
by: Jon Maz |
last post by:
Hi All,
I've been looking into options for URL Rewriting in .net, and to be honest,
I haven't seen anything that's easier than the old Classic Asp solution with
an ISAPI filter redirecting to an .asp page with responsibility for handling
the redirect.
I'm now planning to use this solution with my next .net project, and was
wondering if anyone else out there has done this already, and what problems
(if any) arise. Hopefully the news...
|
by: Patrick.O.Ige |
last post by:
How can i get to redirect users if the get error 401.2 to another page?
I guess i should be possible to do it in Global.asax?
Or are there any better ways around it..
Any better solutions in ASP.NET 2.0?
Patrick
| | |
by: Adam |
last post by:
Im trying to add an httphandler for all *.sgf file extensions. I have
developed the handler,
1. installed it into the gac
2. added it to the machine.config:
<httpHandlers>
<add verb="*" path="*.sgf" type="CustomExtensionHandler,
Extenders.CustomExtensionHandler, Version=1.0.0.0, Culture=neutral,
PublicKeyToken=d831d925597c1031" validate="True"/>
</httpHandlers>
|
by: Drew Burchett |
last post by:
I am currently coding an ISAPI filter and I would like to use some .Net
functionality within the filter. However, when I include calls to anything
in the framework, it locks the dll and will not release it until I restart
the machine. Even after restarting the W3SVC and removing it from the list
of ISAPI filters, it still has a lock on it. Any ideas why?
|
by: Sheila |
last post by:
Hi,
I have setup a Sharepoint 2003 server which has an ISAPi filter installed,
now I want to develop a HTTPModule which needs to run before the ISAPI
filter. So my question is, if a HTTPModule and an ISAPI filter are installed
on the same web virtual directory, which one will process first?
Thanks in advance.
|
by: Chris Curvey |
last post by:
Hi all,
I'm trying to write an ISAPI filter in Python, using the examples that
come in the "isapi" directory of the win32com package. The
installation program itself runs fine, but when I examine the
properties of my web server, my filter has a big red down arrow next to
it. But I can't seem to figure out where I should be looking to find
the trouble. If anyone can point me to the right place (or see an
obvious error in the code...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
