I have a non anonymous site in IIS5
The site is for collecting any kind of data from employees.
Authentication is done with the server variable "Logon_User"
Pages:
start.asp - Authentification mask appears -->
form.asp - form for data input -->
form_ack.asp - displays the data again and stores in SQL when
acknowledged in checkboxes
After data are stored I'd like to have a button such as "Log off"
which points back to start.asp.
In the samples I tried there is always the current logged in user
present even when I do a "session.abandon" or
"Session.Contents.Remove"
I know that if you intend to use the LOGON_USER in an ASP page you need to have Windows Authentication selected.
I have a website in one domain which can be accessed by 2 other domains. If I am to change to Windows Authentication, will there be a security issue of any type?
I'm trying to get the NT login id of a user on a web page without making the user type it into a login box. I'm using the LOGON_USER server variable. The problem is, if the web page allows anonymous access, LOGON_USER returns nothing. If the page is set to Basic Security, the NT login popup box comes up, even though the user is already logged into the network, and HAS access to this page.
Moreover, if I try this on my PC instead of our webserver, it works like I would expect. That is, when set to Basic Security, it does NOT pop up a login box if the user is allowed to view the page, and LOGON_USER returns the userid. Is there some setting on the server I need to change? Or something else?
I create a web site in a Windows 2003 server/IIS6, and I used asp pages to get ServerVariables. After I set FrontPage Extension 2002, some ServerVariables like LOGON_USER become null. Any body has an idea?
I have an intranet site hosted in IIS 5.0 Win2000, and want to display the name of the user logged into the local machines(WinXP) in the pages they access like 'Welcome JohniBravo'.
So, i used the Request.ServerVariables("LOGON_USER"), but get a blank ("") displayed in the page. And i even tried "REMOTE_USER" but, still the same. from somewhere i got to know that theres something called 'Allow anonymous user' should be enabled to get these info from servers. help me with the same?
I have used the same syntax in two pages and sometimes each server variable is return, and sometime it is blank. In fact, I created a test page this morning which worked fine, and then an hour later the variables are blank. I read some of the threads about the anonymous user box in IIS, but this just seems strange.
P.S. Each PC in our environment is authenticated through active directory (just to logon to the PC, not security applied to the web folders).
I'm using Windows Integrated Authentication on my company intranet ASP web site (IIS6 W2K3).
I would like to know how could I get the full Active Directory domain name from the Logon_User variable.
I always get the netbios name of the domain, but I need the full domain name to be able to distinguish users (because actually there is two companies on the intranet having their AD forest linked, but also having some subdomains with identical netbios name !).
I mean, for instance for a user login "theuser" coming from the domain is "thedomain.thecompany.com", I need to get in Logon_User environement variable the following content: "thedomain.thecompany.com heuser" At the moment I only get "thedomain heuser", excepted if I switch to basic authentication, that I don't want.
I have 2 webs under my default web running win2003
1. A front-page intranet 2. A asp (not .net) web is fine
Both allow anonomous access. My front page web always gets a BLANK Request.ServerVariables("Logon_User"). The asp web gets the logon_user OK. Both webs have a global.asa that has Code:
I have a website that would set two cookies when a user logs in successfully.
<% response.cookies("login_status")="OK" response.cookies("login_id")="12345"'This value is from database. response.cookies("login_id").domain="mysitexyz.com" %>
and I have a question in "removing/deleting/cleaning the cookie when the user logs out.
From my understanding there are two methods -
#1 (I am currently using) response.cookies("login_status")="" response.cookies("login_id")=""
My questions is, what's the difference, advantage and disadvantage of these two methods?
I am asking this because I have noticed that there are some problems in #1. In my computer (I use IE7) if I login as one user, logout, and then login as another user, the cookie value will get mixed up. Somehow the response.cookies("login_status") can display correctly but response.cookies("login_id") cannot. But if I clean my browser cache, close my IE and reopen it, both cookies work fine.
When I submit information i post it to a page and when it’s reloaded it runs as code accordingly if I refresh it re runs the asp because the information is still posted. How do I clear the posted information? Or possibly after it runs the asp code alter a value in the posted information.
i have a form with a textarea(the value is taken out from the database) i would like to know if it is possible to erase contents in that file and not delete it using asp or javascript? or is there a way to select all the text in that textarrea and clear it?
How do i clear a page of boxes and only allow the last response.write to show? And is there a way to allow the page to show for a while the response.write and then bring it to another page by a certain timing?
Is there a way that i can force a drop of all connections to a database. My problem is Access keeps locking my database, i have multiple users using this database, at different periods of the day, and i need a way to clear all connections, i.e at set points throughout the day or at request.
I do close the connection and set all record sets to nothing not sure what else i am missing?
I have a form submission page that I am using some session variables that are created on the page in order to keep track of the information that they have already inputted - so when they click submit if there are any errors the fields that are correct remain populated.However, I am wondering is there a way that if they navigate away from this one page all the session variables that are created are removed so if they come back to the page they need to re-enter the information?
Something like "on page exit - remove session("name")..." ?
I have an Access database containing 10 Tables with a lot data in each Table. I need to copy the database with no data in another directory. Is there an ASP code or object that allows me to clear data in all Table at once? How can I clear all data from Access DB?
I am worried of accumulated old cart product selections from expired browser windows or other unforseen events. I am holding selected productID's & quantities & userID & sessionID in a sql table from a shopping cart.
I allow user to clear their cart from a button and also automatically clear their cart on user logon. Also on checkout I clear their cart. I am storing selections with sessionID & UserID so they will be unique,. But does anyone reccomend any other cart selection maintenance procedure i could use,.
The back button that appears on every browser has a list that allows moving back to a specific page quickly, I'm sure you all know the one I mean. Is there a means of clearing said list? perhaps some DHTML method or the like?
I have an image gallery in a database and I display one item at random with each refresh. I also have 2 buttons "next" and "previous" to show next or previous items in my recordset. Everything works well except for the fact that once the user has used either "next" or "previous" it leaves my query string in the url bar: index.asp?action=previous therefore, if I click "refresh" it continues to display either the next or previous entries instead of dislaying at random like it should.
How can I clear the query string from the url if the commend comes from the refresh button?
Is there any method to clear a form collection after a post without have to do a response.redirect? I am trying to avoid having the form re-submitted a second time on a page refresh.
I am trying to get a thorough understanding of a code where a addition or deletion of records can be done from a list of records. For addition part of the form, data is being obtained from set of input boxes. Code:
Request.servervariables("Logon_USer") is working perfectly well for one asp page returning the NT userid as expected but returning an empty string for another asp page.Both the asp pages are in the same directory.This directory have both Anonymous Access and Integrated Authentication enabled att IIS.
