Unchecking anonymous should cause a user to log in to IE, if you also check Integrated Windows Security, the user has already logged into their computer. It does not for us. The Integrated Windows Security option allows IE to pass the user's creditentials to the IIS server.
This works for us here, because everybody logs in to the network when they turn on their computer. Using this method, we can grab the login provided then and use it when they access the website.
We are using it three ways, we provide content base on the user groups of the user. If they belong to a certain department, they will see content and links specific to that department. We also use it to capture who access certain pages. Finally we use to to verify access to very restricted pages. At this point we require a second login, and then verify that login against the original login. Thus we can verify you are you and you are logined into the computer you are using. No sitting down at somebody's unlocked computer and trying to get them into trouble.
But, except for the last scenario, the users are not required to log into the website pages once they have logged into their computer. If you are trying to do this in the wider world, not in a well defined and controlled intranet, then I don't know how you can get by without the user login. They have to login somewhere don't they?
--------------
Ian Skinner
Web Programmer
BloodSource
www.BloodSource.org
Sacramento, CA
-----Original Message-----
From: Ben Braver [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 27, 2004 11:01 AM
To: CF-Community
Subject: Re:OT: Win2k userid
Thanks Ian,
IIRC though unchecking Anonymous Login will make the user enter their id and password into IE when they attempt to access the resource. That's what we were trying to avoid.
-Ben
> Do this all the time here at BloodSource.
>
> The variable you are looking for is CGI.Auth_User
>
> This variable will only be populated if Integrated Windows Security is
> checked and Anonymous Login is unchecked in the security settings of
> the website (or sub-directory or website) and the user is using IE.
> If they are not using IE they will be told they do not have access to
> that resource. Netscape and Opera can not pass user creditinials in
> this manner.
>
> HTH
>
> --------------
> Ian Skinner
> Web Programmer
> BloodSource
> www.BloodSource.org
> Sacramento, CA
>
> -----Original Message-----
> From: Ben Braver [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, January 27, 2004 10:21 AM
> To: CF-Community
> Subject: Re:OT: Win2k userid
>
>
> Yeah, my research has been finding that
> (1) you request a restricted resource
> (2) it challenges (asks for uid/pwd)
> (3) authenticates user-supplied uid/pwd against Win
> we were trying to avoid a separate login...
> BenB
>
> >I thought that Win only provided the current user if a) a restricted
>
> >directory or file was requested and b) IE is set to provide the
> windows
> >userid as the default.
> >
> >Of course, I could be way off base -- this isn't something I've ever
>
> >tried to deal with.
> >
> >--benD
> >
> >[EMAIL PROTECTED] wrote:
> >
> >> hi gang,
> >>
> >> Can't remember where in CF to interrogate the Windows 2000 UserID
> of the
> >> person on the other side of the browser. Have looked in several
> books.
> >>
> >> Tried CGI.REMOTE_USER, it's not returning a value.
> >>
> >> Need to check a substring of userid to allow/deny running a
> particular
> >> CF page, without requiring a separate logon to the app.
> >>
> >> Any ideas??
> >> Thanx.
> >>
> >> -Ben
> >>
> _____
>
_____
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
