Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

NTLM DOMAIN\USERNAME

by onegative (Scribe)
on Dec 13, 2007 at 20:35 UTC ( #656912=perlquestion: print w/ replies, xml ) Need Help??
onegative has asked for the wisdom of the Perl Monks concerning the following question:

G'day most honorable Monks, Is there no easy way to get the DOMAIN\USERNAME from a Windows user when that user runs a CGI script on his/her browser being executed from an Unix server (Apache)?

I am not worried about authenication, I just want to know the user logged into to the Windows machine itself where request is being originated.

I want to use that information to dish up a specific page based on that user's domain\username without having to maintain security. This is an intranet app that is not security critical.

Any and all suggestions greatly appreciated...
Danny

Well my question was MARKED as one of the worst nodes of the day so I guess its because I didn't have some stupid code showing even more ignorance with regard to trying to extract this information short of running javascript/vbscript out of the ActiveX controls... ???? or .htaccess required.

Comment on NTLM DOMAIN\USERNAME
Re: NTLM DOMAIN\USERNAME
by NetWallah (Abbot) on Dec 13, 2007 at 22:08 UTC
    I would suggest saving the username in a cookie.

    If the cookie does not exist, pop-up a form, asking for the user name (One time only), then save it in a cookie, hopefully with a fairly long expiration time.

    You should also provide a "logout" option, to allow the user to delete the cookie, so you can do tests and impersonation.

    Since you are specifically not asking for authentication, this method is specifically NOT secure, but hopefully meets your requirements.

         "As you get older three things happen. The first is your memory goes, and I can't remember the other two... " - Sir Norman Wisdom

Re: NTLM DOMAIN\USERNAME
by andyford (Curate) on Dec 14, 2007 at 21:08 UTC
Re: NTLM DOMAIN\USERNAME
by rhesa (Vicar) on Dec 14, 2007 at 21:25 UTC
    If your Apache ran on Windows, you'd be able to get the info from $ENV{REMOTE_USER} with the following configuration bits:
    LoadModule sspi_auth_module modules/mod_auth_sspi.so <Location /here> AuthName "Some realm" AuthType SSPI SSPIAuth On SSPIAuthoritative On require valid-user </LOCATION>
    Unfortunately, I have no idea if that would ever work on a Unix server (and I doubt it), but I thought I'd throw it out here anyway. It might just give you a lead to google on.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://656912]
Approved by bingos
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (7)
As of 2014-12-29 11:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (187 votes), past polls