
How to get the username, without login prompt?

I am posting this for the lack of a better newsgroup, and for the
knowledge of people here, and because it's only partially OT.

We have a bunch of users with their computers at work. There are
reports that the users need, which could be in html, php, asp, jsp,
whatever.

Now I am trying to eliminate the login window entirely. In an html
request, the client (firefox, ie, etc) sends the client's hostname, IP,
a bunch of other stuff, but never the username. If the server-side
scripts could know which user is logged in, it could display only the
reports that user has access to. Ideally the process should work
across browsers... else I could compile firefox to send the username
in the header somewhere...

So I ask all the skilled developers here, this intriguing question.
How do you pass the username to the server without the login prompt???

Ideas:
(1) A fixed cookie
(2) ActiveX somehow.
(3) An applet is loaded that somehow gets the username, and the page
redirects in 1 sec, sending the username to the server.
(4) Firefox compiled to somewhere in the header include the username
(5) An initial page that runs an applet or something, that puts the
username into a cookie, and the page redirects in 1 sec, sending the
cookie
Is there any programming language, api, COM (Activex? applets?) or
other method to do this cleanly??

Will it work if I exclusively use IIS and IE instead of firefox and
apache?
Jul 17 '05 #1
11 Replies


Ghazan Haider wrote:
> I am posting this for the lack of a better newsgroup, and for the
> knowledge of people here, and because it's only partially OT.
>
> We have a bunch of users with their computers at work. There are
> reports that the users need, which could be in html, php, asp, jsp,
> whatever.
>
> Now I am trying to eliminate the login window entirely. In an html
> request, the client (firefox, ie, etc) sends the client's hostname, IP,
> a bunch of other stuff, but never the username. If the server-side
> scripts could know which user is logged in, it could display only the
> reports that user has access to. Ideally the process should work
> across browsers... else I could compile firefox to send the username
> in the header somewhere...
>
> So I ask all the skilled developers here, this intriguing question.
> How do you pass the username to the server without the login prompt???
>
> Ideas:
> (1) A fixed cookie
> (2) ActiveX somehow.
> (3) An applet is loaded that somehow gets the username, and the page
> redirects in 1 sec, sending the username to the server.
> (4) Firefox compiled to somewhere in the header include the username
> (5) An initial page that runs an applet or something, that puts the
> username into a cookie, and the page redirects in 1 sec, sending the
> cookie
> Is there any programming language, api, COM (Activex? applets?) or
> other method to do this cleanly??
>
> Will it work if I exclusively use IIS and IE instead of firefox and
> apache?


Quick couple of questions before I ponder.

1) Is this an internal network (192.168) style
2) Straight in access from any IP connection ie visible from the web or
intranet ?
3) Roaming logins in that a user may log in from any machine or is user
fixed to one specific machine and hence a fixed internal IP ?
Jul 17 '05 #2

NSpam wrote:
> Ghazan Haider wrote:
>> I am posting this for the lack of a better newsgroup, and for the
>> knowledge of people here, and because it's only partially OT.
>>
>> We have a bunch of users with their computers at work. There are
>> reports that the users need, which could be in html, php, asp, jsp,
>> whatever.
>>
>> Now I am trying to eliminate the login window entirely. In an html
>> request, the client (firefox, ie, etc) sends the client's hostname, IP,
>> a bunch of other stuff, but never the username. If the server-side
>> scripts could know which user is logged in, it could display only the
>> reports that user has access to. Ideally the process should work
>> across browsers... else I could compile firefox to send the username
>> in the header somewhere...
>>
>> So I ask all the skilled developers here, this intriguing question.
>> How do you pass the username to the server without the login prompt???
>>
>> Ideas:
>> (1) A fixed cookie
>> (2) ActiveX somehow.
>> (3) An applet is loaded that somehow gets the username, and the page
>> redirects in 1 sec, sending the username to the server.
>> (4) Firefox compiled to somewhere in the header include the username
>> (5) An initial page that runs an applet or something, that puts the
>> username into a cookie, and the page redirects in 1 sec, sending the
>> cookie
>> Is there any programming language, api, COM (Activex? applets?) or
>> other method to do this cleanly??
>>
>> Will it work if I exclusively use IIS and IE instead of firefox and
>> apache?
>
> Quick couple of questions before I ponder.
>
> 1) Is this an internal network (192.168) style
> 2) Straight in access from any IP connection ie visible from the web or
> intranet ?
> 3) Roaming logins in that a user may log in from any machine or is user
> fixed to one specific machine and hence a fixed internal IP ?


Oh, and by the way, are client machines running Windows or Linux? If Windows and
we are talking PHP based web pages it should be possible to get the
windows user id/password via the PHP win32 api. Can't speak for Perl. I
don't know if this would answer as you may have different login
requirements for different reporting engines.
Jul 17 '05 #3

> 1) Is this an internal network (192.168) style

Yes... it shouldn't matter though. Would like the flexibility of the
Internet too.

> 2) Straight in access from any IP connection ie visible from the web or
> intranet ?

Currently yes, but if we go Internet, it'll probably pass through an
openbsd firewall. Once again, currently I'll take anything.

> 3) Roaming logins in that a user may log in from any machine or is user
> fixed to one specific machine and hence a fixed internal IP ?

A user may log in from any machine.

I thought of cookies on each machine or authenticating by IP. Bad
idea, we have DHCP and IPs have gotten shuffled around (maybe
hostnames, but those change too). I thought of login batch files that
create the cookies, which contain usernames. That gets pretty close.
Anything along the lines of COM or ActiveX should be cleaner, if they
can scoop up usernames from the client to put into a query, link or
form. Not having to touch each machine would be one step forward,
browser independence would be another.

All machines however are win32. The win32 API couldn't work since they
interface with the server's DLLs, I'm at pains to wonder how they
could touch a client's DLLs or windows outside of COM, .NET or
activex...

Any ideas how to get the username without touching each machine, or
without login scripts or recompiling firefox?
Jul 17 '05 #4

Ghazan Haider wrote:
> I am posting this for the lack of a better newsgroup, and for the
> knowledge of people here, and because it's only partially OT.
>
> We have a bunch of users with their computers at work. There are
> reports that the users need, which could be in html, php, asp, jsp,
> whatever.
>
> Now I am trying to eliminate the login window entirely. In an html
> request, the client (firefox, ie, etc) sends the client's hostname, IP,
> a bunch of other stuff, but never the username. If the server-side
> scripts could know which user is logged in, it could display only the
> reports that user has access to. Ideally the process should work
> across browsers... else I could compile firefox to send the username
> in the header somewhere...
>
> So I ask all the skilled developers here, this intriguing question.
> How do you pass the username to the server without the login prompt???
>
> Ideas:
> (1) A fixed cookie
> (2) ActiveX somehow.
> (3) An applet is loaded that somehow gets the username, and the page
> redirects in 1 sec, sending the username to the server.
> (4) Firefox compiled to somewhere in the header include the username
> (5) An initial page that runs an applet or something, that puts the
> username into a cookie, and the page redirects in 1 sec, sending the
> cookie
> Is there any programming language, api, COM (Activex? applets?) or
> other method to do this cleanly??
>
> Will it work if I exclusively use IIS and IE instead of firefox and
> apache?

If you use IIS and IE, there is a setting in IIS... under "Directory
Security"... to disable Anonymous access and turn on "Integrated
Windows Authentication".

When this is enabled, IIS will talk to IE using a proprietary
challenge-response protocol to determine the username without the user
having to type it in. Within PHP then, $_SERVER["AUTH_TYPE"] will say
"Negotiate" and the username will appear in $_SERVER["AUTH_USER"],
$_SERVER["LOGON_USER"] and $_SERVER["REMOTE_USER"]. I'm not sure what
the difference between the three is.

As per: http://adam.theficus.com/archives/20...x_tutoria.html
Firefox can also be set up to do transparent NTLM authentication, by
twiddling a config setting.

I've also set something up before within a LAN to do transparent
username identification to Apache ( similar to your ideas 2 & 3 ), but
the browser must be IE, and you need to be able to control the IE
security settings to allow the scripting of ActiveX Controls. Also
note that while this allows you to get the username transparently, it
offers basically NO security. A mildly tech-savvy user could certainly
spoof their username.

<SCRIPT LANGUAGE="JavaScript">
<!--
// Read the logged-on user's domain and name from the client's environment
// (IE only; scripting of ActiveX controls must be allowed) and post them
// to the server. Both values are client-supplied and can be spoofed.
function GetTheId() {
    var wshShell = new ActiveXObject("WScript.Shell");

    // Pull environment variables for domain\user
    var domain = wshShell.ExpandEnvironmentStrings("%USERDOMAIN%");
    var userName = wshShell.ExpandEnvironmentStrings("%USERNAME%");

    document.all.item('username').value = userName;
    document.all.item('domain').value = domain;
    document.all.item('GetUserId').submit();
}
//-->
</SCRIPT>
<body onLoad="GetTheId();">

<form name="GetUserId" method="post" action="/login/refreshpage.php">
<input type="hidden" name="username" value="">
<!-- field name must match the 'domain' item the script fills in -->
<input type="hidden" name="domain" value="">
<!-- escape $action before echoing it into the attribute -->
<input type="hidden" name="action" value="<?php echo htmlspecialchars($action, ENT_QUOTES); ?>">
</form>
Gathering your User Info.<br>Please wait.<br><br>
If it fails to continue, please click <a
href="/login/manuallogin.php">here</a> to login.<br>
</body>

Jul 17 '05 #5
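
Added example (not part of the original thread or any poster's code): a PHP function that consumes the Integrated Windows Authentication identity described in reply #5 and never consults the client-posted username field used by the ActiveX variant. The function names, the report ACL and the sample requests are hypothetical and constructed for illustration; accepting a user@realm form is an assumption beyond what the reply states.

```php
<?php
// Added example, not code from the thread. Assumes the server (e.g. IIS with
// Integrated Windows Authentication) fills in AUTH_TYPE and REMOTE_USER.

// Return ['domain' => ..., 'user' => ...] for the identity the web server
// authenticated, or null if the server did not authenticate this request.
function serverAuthenticatedUser(array $server): ?array
{
    // Trust a name only when the server obtained it by challenge-response.
    $authType = strtolower($server['AUTH_TYPE'] ?? '');
    if (!in_array($authType, ['negotiate', 'ntlm'], true)) {
        return null;
    }
    // The reply names three variables carrying the user; take the first set.
    $raw = '';
    foreach (['REMOTE_USER', 'AUTH_USER', 'LOGON_USER'] as $key) {
        if (!empty($server[$key])) {
            $raw = (string) $server[$key];
            break;
        }
    }
    // Accept DOMAIN\user, or user@realm (assumed alternative form); else reject.
    if (preg_match('/^([A-Za-z0-9._-]+)\\\\([A-Za-z0-9._$ -]+)$/', $raw, $m)) {
        return ['domain' => strtoupper($m[1]), 'user' => strtolower($m[2])];
    }
    if (preg_match('/^([A-Za-z0-9._$ -]+)@([A-Za-z0-9.-]+)$/', $raw, $m)) {
        return ['domain' => strtoupper($m[2]), 'user' => strtolower($m[1])];
    }
    return null;
}

// Reports the authenticated user may see. $post is deliberately never read,
// so a spoofed hidden "username" field cannot widen access.
function reportsFor(array $server, array $post, array $acl): array
{
    $id = serverAuthenticatedUser($server);
    return $id === null ? [] : ($acl[$id['domain'] . '\\' . $id['user']] ?? []);
}

// Hypothetical ACL and constructed sample requests.
$acl = ['CORP\\alice' => ['payroll.php', 'sales.html'], 'CORP\\bob' => ['sales.html']];
$viaIwa  = ['AUTH_TYPE' => 'Negotiate', 'REMOTE_USER' => 'CORP\\Bob'];
$spoofed = ['AUTH_TYPE' => '', 'REMOTE_USER' => ''];

print_r(reportsFor($viaIwa, [], $acl));                        // server-authenticated request
print_r(reportsFor($spoofed, ['username' => 'alice'], $acl));  // anonymous request posting a name
```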

Thanks Ramius, that helped lots.

I think I'll just go with IIS, since we've been trying to push out
firefox for everyone. I don't really care about high levels of
security, just identifying the users, so this will work for me, with a
little config change of firefox.
Jul 17 '05 #6

In: <1a*************************@posting.google.com> , gh***********@gmail.com (Ghazan Haider) wrote:
> We have a bunch of users with their computers at work. There are
> reports that the users need, which could be in html, php, asp, jsp,
> whatever.
>
> So I ask all the skilled developers here, this intriguing question.
> How do you pass the username to the server without the login prompt???


Anyone trying to do this with apache might have a look at:

http://httpd.apache.org/docs-2.1/mod/mod_ident.html

It should get you the username in an open standard sort of way. I wouldn't
rely on it for high security, but it is an open standard, simple approach
for obtaining just the username. Has the advantage of being cross platform,
disadvantage is that it is possible, nearly trivial, to forge identd.

For higher security, you might try:

http://httpd.apache.org/docs-2.1/mod/mod_ssl.html looks promising (I've heard
of high security applications using it, though I personally haven't, too much
overhead for any of my projects thus far) Using client certificates was said to
be the most secure authentication available. Also the most overhead, seems to
me it would be tied to the browser, not the person.

Yea, I know.. SSL is usually thought of as a way to send data securely, not
authentication.. I've been told it can do both, so I keep it in my category of
possibly/maybe solutions to problems encountered possibly/maybe some day.

Jamie
--
http://www.geniegate.com Custom web programming
gu******@lnubb.pbz (rot13) User Management Solutions
Jul 17 '05 #7
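
Added example (not part of the original thread or any poster's code): how a PHP script could tell apart the two Apache identity sources reply #7 mentions, treating a verified mod_ssl client certificate as authoritative and a mod_ident answer as an unverified hint. It assumes `SSLVerifyClient` is enabled with `SSLOptions +StdEnvVars` and, for ident, `IdentityCheck On`; the CA name, function names and sample environments are hypothetical and constructed.

```php
<?php
// Added example, not code from the thread. Reads the variables mod_ssl
// (SSL_CLIENT_*) and mod_ident (REMOTE_IDENT) export to the script.

const TRUSTED_ISSUER_CN = 'Example Internal CA'; // hypothetical CA name

// Resolve who is calling and how far the answer can be trusted.
// Returns ['user' => string, 'source' => string, 'verified' => bool] or null.
function identifyCaller(array $server): ?array
{
    // mod_ssl reports NONE, SUCCESS, GENEROUS or FAILED:reason.
    $verify = $server['SSL_CLIENT_VERIFY'] ?? 'NONE';
    $issuer = $server['SSL_CLIENT_I_DN_CN'] ?? '';
    $cn     = $server['SSL_CLIENT_S_DN_CN'] ?? '';
    if ($verify === 'SUCCESS' && $issuer === TRUSTED_ISSUER_CN
        && preg_match('/^[A-Za-z0-9._-]{1,64}$/', $cn)) {
        return ['user' => strtolower($cn), 'source' => 'client-cert', 'verified' => true];
    }
    // identd answers come from the client machine and are easy to forge:
    // usable as a display hint, never for an access-control decision.
    // Assumption: a failed lookup may be reported as "unknown"; treat as absent.
    $ident = $server['REMOTE_IDENT'] ?? '';
    if ($ident !== 'unknown' && preg_match('/^[A-Za-z0-9._-]{1,64}$/', $ident)) {
        return ['user' => strtolower($ident), 'source' => 'ident', 'verified' => false];
    }
    return null;
}

// Restricted reports require an identity the server verified cryptographically.
function mayViewRestrictedReport(array $server): bool
{
    $who = identifyCaller($server);
    return $who !== null && $who['verified'];
}

// Constructed sample environments.
$withCert  = ['SSL_CLIENT_VERIFY' => 'SUCCESS',
              'SSL_CLIENT_I_DN_CN' => 'Example Internal CA',
              'SSL_CLIENT_S_DN_CN' => 'Alice'];
$identOnly = ['REMOTE_IDENT' => 'alice'];
$badCert   = ['SSL_CLIENT_VERIFY' => 'FAILED:certificate has expired',
              'SSL_CLIENT_S_DN_CN' => 'alice'];

foreach ([$withCert, $identOnly, $badCert] as $env) {
    var_dump(identifyCaller($env), mayViewRestrictedReport($env));
}
```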

They both look promising... I couldn't find an identd service/daemon
in my XP client. Might still work since ident is standard.

I'm not looking for high security at all, just default identification
of windows domain usernames, from default windows2000/xp
installations. I've several options here now, you added two. Will
investigate further...
Jul 17 '05 #8

Hi Ramius

I have a similar problem: I need to know the local IP / MAC address of
the client from which the user logs on, as the configuration of some
applications is dependent on the HW configuration (peripherals). the
usual remote_addr thing does not work, as client in intranet or
internet (remote from home), webserver from where the application
runs is internet (1 client W98, all other XP, all IE).

In a lot of js forums / docs I found statements that I can get ip /
mac with js / activex, but no reasonable info on how to. (what
happens on a notebook with LAN/WLAN nic?)
can you help?
thanks
trombone
http://eye.cc -php- web design
Jul 17 '05 #9

trombone wrote:
> Hi Ramius
>
> I have a similar problem: I need to know the local IP / MAC address of
> the client from which the user logs on, as the configuration of some
> applications is dependent on the HW configuration (peripherals). the
> usual remote_addr thing does not work, as client in intranet or
> internet (remote from home), webserver from where the application
> runs is internet (1 client W98, all other XP, all IE).
>
> In a lot of js forums / docs I found statements that I can get ip /
> mac with js / activex, but no reasonable info on how to. (what
> happens on a notebook with LAN/WLAN nic?)
> can you help?
> thanks
> trombone
> http://eye.cc -php- web design


Trombone,

You can't get my local IP address with PHP - PHP is server side, and my
system is behind a firewall (using NAT). Nothing on the Internet side of
the firewall knows my system's address; all they know is the firewall's.

Additionally, you know nothing about what's connected to my machine -
that would be a very severe security violation. For instance, can you
imagine if any website you visited could find out what was connected to
your local machine?

Since these are all IE/Windows, you might be able to do something with
ActiveX controls - get the info you need with the control and send it
into your web page. The same might be true with Javascript. It all
depends on the exact details you need (and the security settings on the
user's system).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Jul 17 '05 #10

> I have a similar problem: I need to know the local IP / MAC address of
> the client from which the user logs on,

You can't know the MAC address unless the client is on the same
wire as the server. Otherwise what you get is the MAC address of
your router.

You can know the public IP address of the client as $_SERVER['REMOTE_ADDR']
but this may be the public IP address of a proxy, NAT gateway, etc.
and it's not guaranteed that this address will stay the same between
one web request and the next (e.g. load-balanced proxies).

Also, do you realize how many machines out there have the local IP
address of 192.168.1.1 ?

> as the configuration of some
> applications is dependent on the HW configuration (peripherals). the

What possible connection does either the MAC address or IP address
have to hardware configuration? Are you trying to collect an
inventory list of the location of hardware so you can steal it to
order or sell it to someone who does?

> usual remote_addr thing does not work, as client in intranet or
> internet (remote from home), webserver from where the application
> runs is internet (1 client W98, all other XP, all IE).
>
> In a lot of js forums / docs I found statements that I can get ip /
> mac with js / activex, but no reasonable info on how to. (what
> happens on a notebook with LAN/WLAN nic?)


PHP runs on the SERVER, not the client. And it's exactly this sort
of crap with Javascript that makes people want to turn it off.

Gordon L. Burditt
Jul 17 '05 #11

Following on from Ghazan Haider's message. . .
> I am posting this for the lack of a better newsgroup, and for the
> knowledge of people here, and because it's only partially OT.
>
> We have a bunch of users with their computers at work. There are
> reports that the users need, which could be in html, php, asp, jsp,
> whatever.
>
> Now I am trying to eliminate the login window entirely. In an html
> request, the client (firefox, ie, etc) sends the client's hostname, IP,
> a bunch of other stuff, but never the username. If the server-side
> scripts could know which user is logged in, it could display only the
> reports that user has access to. Ideally the process should work
> across browsers... else I could compile firefox to send the username
> in the header somewhere...


I don't know, but would have thought that a multi-user PC would have
multiple 'profiles' for things like cookies, browser history etc. If
not IE then it is a feature I'd expect in /some/ browser.

--
PETER FOX Not the same since the bra business went bust
pe******@eminent.demon.co.uk.not.this.bit.no.html
2 Tees Close, Witham, Essex.
Gravity beer in Essex <http://www.eminent.demon.co.uk>
Jul 17 '05 #12
