Microsoft KB Archive/299984

= How To Use ASP to Retrieve Authentication Information About Web Users in IIS =

Article ID: 299984

Article Last Modified on 12/3/2007

-

APPLIES TO


 * Microsoft Internet Information Server 4.0
 * Microsoft Internet Information Services 5.0
 * Microsoft Internet Information Services 6.0

-



This article was previously published under Q299984



We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx



IN THIS TASK
SUMMARY
 * Requirements
 * The Code
 * Making the Code More Useful



SUMMARY
This step-by-step guide explains the correct ASP syntax for retrieving user authentication information from a Web site visitor.

NoteThis information can only be captured if the site uses Basic Authentication, Windows NT Challenge Response (NTLM), or Windows Integrated Authentication.

back to the top

Requirements

 * A Windows server that runs Internet Information Services (IIS) 4.0 or later
 * A text or ASP editor such as Notepad or Microsoft Visual InterDev

back to the top

The Code
To capture the visitor's domain and login, paste the following code into your ASP page. If the page also contains HTML, paste this code above the HTML tag. <% Dim strUser strUser = Request.ServerVariables(&quot;LOGON_USER&quot;) Response.Write strUser %> This code will capture the user's domain and login, and then display it in the browser.

back to the top

Making the Code More Useful
Now that you have a method for capturing the user's login information, you may want to store it somewhere. The steps in this section demonstrate how to create a text file and write the information to it. Note that this method is only one of many that use Request.ServerVariables.  Right-click Start, and then click Explore to open Windows Explorer. In Windows Explorer, click File, point to New, and then click Folder. This will create a new folder with the name area highlighted. Type ASP, and then press ENTER to name the new folder &quot;ASP.&quot;  Paste the following code into your ASP page. If the page also contains HTML, paste this code above the HTML tag. <% Dim objFSO, strUser, objFile strUser = Request.ServerVariables(&quot;LOGON_USER&quot;) set objFSO = Server.CreateObject(&quot;scripting.FileSystemObject&quot;) set objFile = objFSO.CreateTextFile(&quot;C:\asp\test.txt&quot;, true) objFile.WriteLine strUser objFile.Close Response.Write strUser %>                    This code will write the user's login information to a text file that is automatically created in the ASP folder (the folder you created in step 3).

back to the top

Additional query words: iis 4 iis4 iis 5 iis5 iis 6 iis 6.0 iis6 internet information server username

Keywords: kbhowtomaster KB299984

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.