I have a site which is built in ASP.net and C#. Let's call it webapp. It uses a Forms system to log on to it, and that cannot be changed easily.

I got a request to change the login to some kind of Windows authentication. I'll explain. Our Windows login uses Active Directory for users to log into their Windows accounts. Their login name is sXXXXXXX, where the X are numbers. In my webapp, I want to take the user's numbers from their Active Directory login and check if those exist in the webapp database. If they exist, the user will automatically be logged in. If they don't, the user will be referred to the regular login page for the webapp system which is currently in use.

I tried changing my IIS to disable anonymous login and enable Windows authentication, therefore making the user's browser send its current logged-in user name to my webapp. I changed the web config as well from "Forms" to "Windows", which made my whole webapp obsolete as the whole forms system did not work.

My question is this - is there a different way for the browser only to send the username to my webapp? I thought maybe JavaScript, I just don't know how to implement that, if it's even possible. I know it's not very secure, but all this platform and system is built outside the internet, it's on a private network.

+1  A: 

The only way you could get at the user's domain credentials via JavaScript would be by deploying some type of ActiveX component to expose that data to the browser. I wouldn't recommend that.

I would look at implementing a Login page for forms authentication that authenticates the user on the page load using HttpContext.Current.User.

The way forms works is that if an unauthenticated user attempts to access an access-controlled page and has not logged in (no cookie), they will be redirected to a login page that gives the facility to log in (this sets a cookie on the client-side). The user is then directed to the page they initially requested. You would simply be automating the login part.

If you have a mixture of pass-through and users who need to manually log in, you could check their client IP address to see if it matches one on your domain or not.

David Neale
The current system does exactly what you said - the user authenticates in the login page, which sets the cookie on the client side. When I tried enabling Windows Authentication, both on IIS and on the web.config, my site just would not work - the whole login form, and site actually, is based around Forms authentication mode in the web.config - I cannot change that as my site would just not work. I know ActiveX is not secure and is not recommended, but I just can't see another way... if there is I'd be happy to know. If not, I'd like to get an explanation of how to implement the ActiveX.
jbkkd
There's a handy tutorial here: http://dotnetslackers.com/articles/csharp/writinganactivexcontrolincsharp.aspx. But I can't help but think there's an obvious way around this. I just can't think of it yet!
David Neale
+1  A: 
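<script type="text/javascript">
    // <%= ... %> writes the value into the page; the encoder escapes the
    // backslash in DOMAIN\user so the JavaScript string literal stays intact.
    var username = '<%= HttpUtility.JavaScriptStringEncode(HttpContext.Current.User.Identity.Name) %>';
</script>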
Boris Modylevsky
This would only work if Windows Authentication was enabled. The user cannot do this.
David Neale
A: 

The solution I found for getting the username sent to the server was:

string winlogon = Request.ServerVariables["LOGON_USER"];

After enabling Windows Authentication Mode in IIS.

jbkkd
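
An added example, not code from the original thread: a code-behind that combines the answers above by reading the IIS-authenticated `LOGON_USER` on the server, looking the user number up in the webapp database, and issuing the normal Forms ticket, so the name is never taken from anything the browser can set freely. Assumptions: the page name `WinLogin.aspx`, the fallback `~/Login.aspx`, the connection string name `WebApp`, the `Users.UserNumber` table and column, and that Windows Authentication is enabled in IIS for this one page only while web.config stays on Forms.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Text.RegularExpressions;
using System.Web.Security;
using System.Web.UI;

// Hypothetical code-behind for WinLogin.aspx (page name is an assumption).
public partial class WinLogin : Page
{
    // Accepts "DOMAIN\s1234567" or "s1234567"; captures only the ASCII digits.
    private static readonly Regex AdLogin =
        new Regex(@"^(?:[^\\]+\\)?s([0-9]+)$", RegexOptions.IgnoreCase);

    // Assumed location of the existing Forms login page.
    private const string FormsLoginPage = "~/Login.aspx";

    protected void Page_Load(object sender, EventArgs e)
    {
        // Filled in by IIS after it authenticated the request; empty if anonymous.
        string winlogon = Request.ServerVariables["LOGON_USER"] ?? string.Empty;
        Match m = AdLogin.Match(winlogon);

        if (m.Success && UserExists(m.Groups[1].Value))
        {
            // Issue the usual Forms cookie so the rest of the site is unchanged.
            FormsAuthentication.RedirectFromLoginPage(m.Groups[1].Value, false);
            return;
        }
        // Unknown or malformed name: fall back to the manual login form.
        Response.Redirect(FormsLoginPage);
    }

    private static bool UserExists(string userNumber)
    {
        // Connection string name, table and column are placeholders.
        string cs = ConfigurationManager.ConnectionStrings["WebApp"].ConnectionString;
        using (var conn = new SqlConnection(cs))
        using (var cmd = new SqlCommand(
            "SELECT COUNT(*) FROM Users WHERE UserNumber = @n", conn))
        {
            // Parameterized query: the AD-derived value never enters the SQL text.
            cmd.Parameters.Add("@n", SqlDbType.VarChar, 32).Value = userNumber;
            conn.Open();
            return (int)cmd.ExecuteScalar() > 0;
        }
    }
}
```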