OK - somewhere we are missing a linkage. Should be a trivial fix, but I have far fewer hours to spend on .NET than likely you do, Walter. Hopefully someone else on this list has the humor to overlook your ostentatiousness.
I assure you, however, that no one will invest any effort in solving the legitimate issues you raise, when your thorough reproduction case wasn't attached. Did you forget to click attach? </sarcasm> There are EBCADs everywhere. That includes aspdotnet. If you want us to work with you, we are glad to investigate what's going on. If you don't have the time, don't bother with the report, we don't either. mod_aspdotnet is free software. Unlike MS - when it breaks, you get to keep both pieces and fix them yourself if you like, or work with the community to resolve the issues. 2.0 isn't even five months old, lighten up :) There are even snapshot builds of the most recent code at http://httpd.apache.org/dev/dist/ if you care to ensure this problem exists in the next coming release. Bill At 08:21 PM 3/3/2005, Walter Nicholls wrote: >OK, I've wasted way too much time on this but I've eliminated two red >herrings, IIS and the GetServerVariables() method > >Here's a repro: > >Attached zip file contains: > aspnetbug.conf, bugusers > printvars.aspx, printvars.c, printvars.exe > >To install >0. Take one working Apache 2/ mod_aspdotnet install >1. Copy printvars.* into c:\temp\aspnetbug\ ( or directory of your choice ) >2. If you don't trust me, compile printvars.c with the compiler of your choice >3. Copy aspnetbug.conf and bugusers to c:\Program Files\Apache >Group\Apache2\conf\ (or wherever) >4. Add the following line to c:\Program Files\Apache >Group\Apache2\conf\httpd.conf: > include conf/aspnetbug.conf > >To test >1. Navigate browser to http://localhost/aspnetbug/printvars.exe >Observed: > requires a login. Log in as username = test, password= test > Web page shows: > >SERVER_SOFTWARE=Apache/2.0.53 (Win32) >REMOTE_USER=test >AUTH_TYPE=Basic > >2. Navigate browser to http://localhost/aspnetbug/printvars.aspx (and login as >before if required) >Observed: >Variable ServerVariables[x] GetServerVariables(x) >AUTH_TYPE (blank) Basic >AUTH_USER (blank) (blank) >REMOTE_USER (blank) test >SERVER_SOFTWARE Apache/2.0.53 (Win32) Apache/2.0.53 (Win32) > >Expected: >For the Request.ServerVariables to match what came back from >GetServerVariables(), of course. > >Comments: >OK, clearly ASP.NET is not using the server variables passed to it to >determine the authenticated user. Quite what it thinks it is using I don't >know, but GetUserToken() seems like a very likely place. > >Perhaps this thread should be titled "mod_aspdotnet does not implement >GetUserToken()" > >How to fix this is another problem. How does the value (IntPtr) returned by >GetUserToken() turn into the ASP.NET User object (assuming it does!). Digging >the MSDN documentation it appear that someone somewhere should be executing >code like: > >IPrincipal aspnet_user_object = new GenericPrincipal( > new GenericIdentity( GetServerVariables( "REMOTE_USER"), > GetServerVariables("AUTH_TYPE") ), > null ); >// that now becomes the ASP.NET User object. > >Is it as simple as casting that aspnet_user_object to an IntPtr and returning >that? I surely don't think so. > >I really have run out of time on this. I hope this sheds some light, I can't >see how mod_aspdotnet can be used for anything other that toy apps without it >though. Every application I've ever written has wanted to know who the user >is, even if just for logging. > >Couple more things while they come to mind >* mod_ntlm would present its own problems in that instead of returning a >GenericPrincipal it should presumably be returning a WindowsPrincipal instead. >I suspect this might involve more than just "new WindowsPrincipal( r->user )" >* Would also be nice to add a list of roles so that ASP.NET code can use >User.IsInRole(). Don't know where that list should be obtained, though. I >don't know the request_rec structure at all so there might be something useful >in there, might not. > >Enough, >Walter > > > > > > > > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
