How can i get the value from Request.ServerVariables("LOGON_USER") when the application is running in IIS?

I'm not using any built in authentication mechanism, just building a simple intranet site that requires logon.

BUT i was asked to retrieve the current windows logon name of the user, and authenticate him with this information.

When reading the Request.ServerVariables("LOGON_USER") informati开发者_Go百科on from my box, everything runs fine. But this value is always blank when the application is running with IIS on my server.

Any ideas?

---

In order to find out who the user is, you need to authenticate them. This is the very definition of authentication.

Alter your web.config to include:

<authentication mode="Windows"/>

inside the system.web element. This will use Windows Authentication ie. users are authenticated via your internal Windows Domain Controller, without having to type in a username + password, by using Windows based security. This is perfect for Intranet based Web Applications. So you may able to do away with your username + password based logon, if thats what you are currently doing.

Refer: How to Use Windows Authentication in ASP.NET and: Explained: Windows Authentication in ASP.NET for more depth

If your intention is to restrict access to network resources automatically based on the user's Windows account, you may want to look at using impersonation, meaning ASP.NET acts as if it is running in the context of the user's Windows account, and all user permissions associated with that account are effectively passed on to your ASP.NET application.

BTW, I think Request.ServerVariables("LOGON_USER") is the old ASP Classic way. Use HttpContext.Current.User.Identity.UserName instead.