-1

I am using IIS 10 with Windows authentication. I can see the windows username in the log files, and i am looking for a way to capture it (after authentication) and using rewrite to store it in a request header Is that possible without too much fuss?

Frank
  • 11
  • 3
  • It's also saved in server variables, https://learn.microsoft.com/en-us/iis/web-dev-reference/server-variables so in most cases you don't need to store it in a header. – Lex Li Sep 15 '22 at 18:30
  • But can we access these server variables elsewhere, once redirected, from JSP pages? – Frank Sep 15 '22 at 21:43
  • If you host Java program on IIS via HttpPlatformHandler, then you can even forward the actual authentication token to Java side https://learn.microsoft.com/en-us/iis/extensions/httpplatformhandler/httpplatformhandler-configuration-reference#configuration-attributes Languages like Python can extract user name from that, https://stackoverflow.com/questions/62806295/how-to-get-the-authenticated-user-name-in-python-when-fronting-it-with-iis-http So you must be able to do the same in Java. – Lex Li Sep 15 '22 at 23:25

1 Answers1

-1

You can do this with VB or C#, I will give an example of both

VB.NET:

If User.Identity.IsAuthenticated Then
    Label1.Text = User.Identity.Name

C#:

if (User.Identity.IsAuthenticated)
    Label1.Text = User.Identity.Name;

Hopefully this is what you needed

Aleks4920
  • 82
  • 7
  • Not really sorry. There is no actual website running these languages underneath, the IIS site is to serve as a reverse proxy so the goal is simply to do the windows authentication, capture the userid and set as a header then redirect the user somewhere else, where the request header will be used – Frank Sep 15 '22 at 17:51
  • do you mind please giving an example of what you are trying to do and in what language? thank you – Aleks4920 Sep 15 '22 at 17:57
  • IIS site is doing reverse proxy final destiation is a WebSphere application cluster ; the webapp needs to know the userid, accesses it from JSP code from the request. So main goal is really to capture the windows user id, store it in a request header. – Frank Sep 15 '22 at 18:13
  • Are you not using ASP.NET? – Aleks4920 Sep 15 '22 at 18:15
  • Nope i am not.. – Frank Sep 15 '22 at 18:25