Google Answers Logo
View Question
 
Q: ASP Classic using Windows Authentication ( No Answer,   4 Comments )
Question  
Subject: ASP Classic using Windows Authentication
Category: Computers > Programming
Asked by: wbwillson-ga
List Price: $30.00
Posted: 23 Jun 2004 09:44 PDT
Expires: 23 Jul 2004 09:44 PDT
Question ID: 365115
I currently have an intranet site which I programmed using ASP Classic
and VBScript.  I have a log-in page where users enter their username
and password which is then validated against a table in a SQL Server
2000 database.  I would like to be able grant them access to the site
based on their Windows log-in so that they won't have to remember yet
another password.  I know this is possible using ASP.Net but I would
like to use ASP Classic.  Also I would need to be able to determine
their (a) username (b) any groups they belong to (like Administrators)
as I limit portions of my site based on their group membership.
Answer  
There is no answer at this time.

Comments  
Subject: Re: ASP Classic using Windows Authentication
From: davevt5-ga on 24 Jun 2004 07:55 PDT
 
ASP User has this ability:
http://www.aspuser.com/

We have been using it on our ASP/VBScript intranet for quite some time. 

-David
Subject: Re: ASP Classic using Windows Authentication
From: wbwillson-ga on 24 Jun 2004 09:53 PDT
 
David,

  Thanks for the link..I have visited that site before and while it
does look like it will do what I need I was hoping to be able to
program that functionality myself as opposed to relying on another
app.  Since you use it, can I just use it to get the username and
group membership's or does it automatically give rights to change
SAM/Active Directory information.  The reason I ask is because my Sys
Admin department is too keen on letting the knowledge management
department have control over user's active directory info.   Thanks
again for the link.

Bill
Subject: Re: ASP Classic using Windows Authentication
From: irobot-ga on 27 Jun 2004 20:20 PDT
 
You can grant them access to the site based on their Windows log-in
simply by unenabling Anonymous access and enabling Integrated Windows
authentication in the IIS console -> Anonymous access and
authentication control -> Edit... dialogue.

Once authenticated with Integrated Windows, you can get their username
through Request.ServerVariables("LOGON_USER").

Then use ADSI (Active Directory Services Interface). Pretty easy in
classic ASP and VBScript. Then you can get a user object through ADSI
based on the logged in username and the domain name:

strUsername = Request.ServerVariables("LOGON_USER")
set myUser = GetObject("WinNT://yourDomainName/" & strUsername & ",user")

Now you can get information about the user with properties, such as:

myUser.FullName
myUser.HomeDirectory

The full list is here:
http://msdn.microsoft.com/library/en-us/adsi/adsi/iadsuser_property_methods.asp?frame=true

To get the groups a user belongs to you can try something like:
       strGroupList = ""
       set myDomain = GetObject("WinNT://yourDomainName")
       myDomain.Filter = Array("group")
       for each group in myDomain
           strGroupName = group.name
           set grp = getObject("WinNT://yourDomainName/" & strGroupName)
           if grp.isMember("WinNT://yourDomainName/" & strUsername) then
                strGroupList = strGroupList & strGroupName & "<br>"
           end if
           set grp = nothing
       next
       set myDomain = nothing
       response.write( strGroupList )

A couple of articles / references:
http://msdn.microsoft.com/library/en-us/adsi/adsi/iadsuser.asp?frame=true
http://www.4guysfromrolla.com/webtech/061202-1.shtml
http://www.eggheadcafe.com/articles/20010126.asp

Kevin Collins
Subject: Re: ASP Classic using Windows Authentication
From: metafunk-ga on 18 Feb 2005 05:55 PST
 
If you would like to manage the security yourself and only want to
know their login id then you can get it from:

request.servervariables("LOGON_USER")

In you code you can allow/revoke access to different functionality.

G,
ASP ASP.NET and SQL Server Hosting Specialists
http://www.nt-webspace.com

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy