How do you get the SID of the current web user in Legacy ASP?

Question

I have an assembly that is exposed to com that provides access to a security library in .net to legacy vb code so we can add in our new security model without completely rewriting all of our legacy applications into .net.

A few methods in one of these classes exposed to COM expect an Sid of the current user (we're on a domain if that makes a difference). I have two different situations: the first situation is when the user is running desktop/console application and I need to get the Sid of the current identity running the application, and the second situation is when the user is connecting to an asp web application and I need to get the Sid of the user that is viewing the page. How is this done?

I don't have much experience with legacy asp/vb, so I wasn't sure how to do this.

Answer 1

With classic ASP, I not sure that you would be able to get it directly, however you can get the domain\username from the Request object:

Request.ServerVariables("logon_user")

Then you can look at Active Directory to get the SID value from ObjectSID.