Discussion:
Obtaining the authenticated username and InternetErrorDlg()
(too old to reply)
Alin Constantin
2005-07-23 20:08:27 UTC
Permalink
Hi,

Is there any way to obtain (on the client machine) the name of the
authenticated user on the server/proxy?

I'm thinking of these situations:
- a http request is issued, the server requires integrated Windows
authentication. Sometimes either credentials of the user logged on on the
client machine or some cached credentials are used, and the the connection
"just works". How do I find out which username's credentials were used?
- sometimes, the response from the http request can be HTTP_STATUS_DENIED or
HTTP_STATUS_PROXY_AUTH_REQ. InternetErrorDlg() is used to request new
credentials from the user. How do I found what was the user's input for
username?

I thought that InternetQueryOption() could be used to ask for
INTERNET_OPTION_USERNAME or INTERNET_OPTION_PROXY_USERNAME on the
connection's handle.
However, I tried this and although the function succeeds, only empty strings
are returned...

Is there any other way of obtaining the connected user's name?

Thank you,
Alin
Arkady Frenkel
2005-07-24 09:36:45 UTC
Permalink
Look at NetUserEnum()
Arkady
Post by Alin Constantin
Hi,
Is there any way to obtain (on the client machine) the name of the
authenticated user on the server/proxy?
- a http request is issued, the server requires integrated Windows
authentication. Sometimes either credentials of the user logged on on the
client machine or some cached credentials are used, and the the connection
"just works". How do I find out which username's credentials were used?
- sometimes, the response from the http request can be HTTP_STATUS_DENIED
or HTTP_STATUS_PROXY_AUTH_REQ. InternetErrorDlg() is used to request new
credentials from the user. How do I found what was the user's input for
username?
I thought that InternetQueryOption() could be used to ask for
INTERNET_OPTION_USERNAME or INTERNET_OPTION_PROXY_USERNAME on the
connection's handle.
However, I tried this and although the function succeeds, only empty
strings are returned...
Is there any other way of obtaining the connected user's name?
Thank you,
Alin
Alin Constantin
2005-07-24 18:41:11 UTC
Permalink
Which is going to return me a LIST of usernames...
I don't think this is what I'm looking for. Leaving aside that list matches
local user accunts or domain accounts (which may not be what user typed to
authenticate with the remote server), I don't see any way of identifying
which username from the returned list was used (if any) when connecting to
the server.

Other suggestions?

Thank you,
Alin
Post by Arkady Frenkel
Look at NetUserEnum()
Arkady
Post by Alin Constantin
Hi,
Is there any way to obtain (on the client machine) the name of the
authenticated user on the server/proxy?
- a http request is issued, the server requires integrated Windows
authentication. Sometimes either credentials of the user logged on on the
client machine or some cached credentials are used, and the the
connection "just works". How do I find out which username's credentials
were used?
- sometimes, the response from the http request can be HTTP_STATUS_DENIED
or HTTP_STATUS_PROXY_AUTH_REQ. InternetErrorDlg() is used to request new
credentials from the user. How do I found what was the user's input for
username?
I thought that InternetQueryOption() could be used to ask for
INTERNET_OPTION_USERNAME or INTERNET_OPTION_PROXY_USERNAME on the
connection's handle.
However, I tried this and although the function succeeds, only empty
strings are returned...
Is there any other way of obtaining the connected user's name?
Thank you,
Alin
Arkady Frenkel
2005-07-25 09:03:40 UTC
Permalink
That maybe a lot :) of logged on user , that number returned by
NetWkstaGetInfo() in wki102_logged_on_users member of

WKSTA_INFO_102

Arkady
Post by Alin Constantin
Which is going to return me a LIST of usernames...
I don't think this is what I'm looking for. Leaving aside that list
matches local user accunts or domain accounts (which may not be what user
typed to authenticate with the remote server), I don't see any way of
identifying which username from the returned list was used (if any) when
connecting to the server.
Other suggestions?
Thank you,
Alin
Post by Arkady Frenkel
Look at NetUserEnum()
Arkady
Post by Alin Constantin
Hi,
Is there any way to obtain (on the client machine) the name of the
authenticated user on the server/proxy?
- a http request is issued, the server requires integrated Windows
authentication. Sometimes either credentials of the user logged on on
the client machine or some cached credentials are used, and the the
connection "just works". How do I find out which username's credentials
were used?
- sometimes, the response from the http request can be
HTTP_STATUS_DENIED or HTTP_STATUS_PROXY_AUTH_REQ. InternetErrorDlg() is
used to request new credentials from the user. How do I found what was
the user's input for username?
I thought that InternetQueryOption() could be used to ask for
INTERNET_OPTION_USERNAME or INTERNET_OPTION_PROXY_USERNAME on the
connection's handle.
However, I tried this and although the function succeeds, only empty
strings are returned...
Is there any other way of obtaining the connected user's name?
Thank you,
Alin
Arkady Frenkel
2005-07-25 09:21:39 UTC
Permalink
OTOH to see the list of those look at
http://www.sysinternals.com/Utilities/PsLoggedOn.html
Arkady
Post by Arkady Frenkel
That maybe a lot :) of logged on user , that number returned by
NetWkstaGetInfo() in wki102_logged_on_users member of
WKSTA_INFO_102
Arkady
Post by Alin Constantin
Which is going to return me a LIST of usernames...
I don't think this is what I'm looking for. Leaving aside that list
matches local user accunts or domain accounts (which may not be what user
typed to authenticate with the remote server), I don't see any way of
identifying which username from the returned list was used (if any) when
connecting to the server.
Other suggestions?
Thank you,
Alin
Post by Arkady Frenkel
Look at NetUserEnum()
Arkady
Post by Alin Constantin
Hi,
Is there any way to obtain (on the client machine) the name of the
authenticated user on the server/proxy?
- a http request is issued, the server requires integrated Windows
authentication. Sometimes either credentials of the user logged on on
the client machine or some cached credentials are used, and the the
connection "just works". How do I find out which username's credentials
were used?
- sometimes, the response from the http request can be
HTTP_STATUS_DENIED or HTTP_STATUS_PROXY_AUTH_REQ. InternetErrorDlg() is
used to request new credentials from the user. How do I found what was
the user's input for username?
I thought that InternetQueryOption() could be used to ask for
INTERNET_OPTION_USERNAME or INTERNET_OPTION_PROXY_USERNAME on the
connection's handle.
However, I tried this and although the function succeeds, only empty
strings are returned...
Is there any other way of obtaining the connected user's name?
Thank you,
Alin
Eugene Gershnik
2005-07-25 08:36:13 UTC
Permalink
Post by Arkady Frenkel
OTOH to see the list of those look at
http://www.sysinternals.com/Utilities/PsLoggedOn.html
This (and other enumeration methods) doesn't provide the information Alin
wants. It shows users logged on on a given machine while he needs the
identity used in HTTP session. Using an identity doesn't result in logon on
the cleint machine. Though it is possible to enumerate logon sessions on the
server this doesn't help because there is no way to associate a given logon
with web session.
--
Eugene
http://www.gershnik.com
Alexander Nickolov
2005-07-25 17:58:37 UTC
Permalink
Not to mention that the server may not even be running Windows...
--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: ***@mvps.org
MVP VC FAQ: http://www.mvps.org/vcfaq
=====================================
Post by Eugene Gershnik
Post by Arkady Frenkel
OTOH to see the list of those look at
http://www.sysinternals.com/Utilities/PsLoggedOn.html
This (and other enumeration methods) doesn't provide the information Alin
wants. It shows users logged on on a given machine while he needs the
identity used in HTTP session. Using an identity doesn't result in logon
on the cleint machine. Though it is possible to enumerate logon sessions
on the server this doesn't help because there is no way to associate a
given logon with web session.
--
Eugene
http://www.gershnik.com
Eugene Gershnik
2005-07-25 08:04:38 UTC
Permalink
Post by Alin Constantin
I don't see any
way of identifying which username from the returned list was used (if
any) when connecting to the server.
AFAIK there isn't any. The CredXXX API may help but you will need to
manually match resource names to your connection target which is far from
trivial.

A better question is why do you need this information?
--
Eugene
http://www.gershnik.com
Loading...