onegative has asked for the wisdom of the Perl Monks concerning the following question:

G'day most honorable Monks, Is there no easy way to get the DOMAIN\USERNAME from a Windows user when that user runs a CGI script on his/her browser being executed from an Unix server (Apache)?

I am not worried about authenication, I just want to know the user logged into to the Windows machine itself where request is being originated.

I want to use that information to dish up a specific page based on that user's domain\username without having to maintain security. This is an intranet app that is not security critical.

Any and all suggestions greatly appreciated...

Well my question was MARKED as one of the worst nodes of the day so I guess its because I didn't have some stupid code showing even more ignorance with regard to trying to extract this information short of running javascript/vbscript out of the ActiveX controls... ???? or .htaccess required.

Replies are listed 'Best First'.
by NetWallah (Canon) on Dec 13, 2007 at 22:08 UTC
    I would suggest saving the username in a cookie.

    If the cookie does not exist, pop-up a form, asking for the user name (One time only), then save it in a cookie, hopefully with a fairly long expiration time.

    You should also provide a "logout" option, to allow the user to delete the cookie, so you can do tests and impersonation.

    Since you are specifically not asking for authentication, this method is specifically NOT secure, but hopefully meets your requirements.

         "As you get older three things happen. The first is your memory goes, and I can't remember the other two... " - Sir Norman Wisdom

by andyford (Curate) on Dec 14, 2007 at 21:08 UTC
by rhesa (Vicar) on Dec 14, 2007 at 21:25 UTC
    If your Apache ran on Windows, you'd be able to get the info from $ENV{REMOTE_USER} with the following configuration bits:
    LoadModule sspi_auth_module modules/ <Location /here> AuthName "Some realm" AuthType SSPI SSPIAuth On SSPIAuthoritative On require valid-user </LOCATION>
    Unfortunately, I have no idea if that would ever work on a Unix server (and I doubt it), but I thought I'd throw it out here anyway. It might just give you a lead to google on.