Request.Server variables blank for classic ASP

CC 321 Reputation points
2021-11-12T23:03:08.097+00:00

We are running a classic ASP app, and the upgrade to IIS 8.5 caused our Request.Server variables to be blank:
AUTH_USER
LOGON_USER

Windows Auth is the default authentication type, and server admin has verified all other options are disabled like Anonymous Authentication

Anything else we should be trying?
I saw this in another forum, but not sure how to use:
Response.Write(User.Identity.Name.ToString())

...the above line with User.Identity breaks our ASP page.

Internet Information Services
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,593 questions
0 comments No comments
{count} votes

5 answers

Sort by: Most helpful
  1. Bruce (SqlWork.com) 71,266 Reputation points
    2021-11-13T18:03:27.39+00:00

    Did you disable anonymous on iis?

    0 comments No comments

  2. Bruce Zhang-MSFT 3,756 Reputation points
    2021-11-15T08:04:20.887+00:00

    Hi @CC ,

    You can refer to this document.

    This problem occurs because the authentication-related variables in the ServerVariables collection are not populated if you use Anonymous Access security to access the .aspx page. This problem can also occur if you give the anonymous user access in the <authorization> section of the web.config file.

    But it seems that this cause is not your problem because your admin has disable the anonymous authentication.

    I think you can use HttpContext.Current.User.Identity.Name or WindowsIdentity.GetCurrent().Name to get users.

    string login=HttpContext.Current.User.Identity.Name;  
    

    Request.ServerVariables("LOGON_USER") has been depreciated for C#.


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,
    Bruce Zhang


  3. Bruce (SqlWork.com) 71,266 Reputation points
    2021-11-15T16:44:16.8+00:00

    just use this script to see what server variables are defined. maybe only REMOTE_USER is set

    <%
    for each x in Request.ServerVariables
    response.write(x & " = " & Request.ServerVariables(x) & "<br />")
    next
    %>


  4. Bruce (SqlWork.com) 71,266 Reputation points
    2021-11-15T22:55:25.18+00:00

    that typically indicates anonymous access. what authentication are you using?


  5. Bruce Zhang-MSFT 3,756 Reputation points
    2021-11-18T05:41:10.663+00:00

    Hi @CC ,

    Yes, it is.

    If no username/pwd prompt, that means IIS uses anonymous authentication. You need contact to admin and ask him to enable windows authentication, disable anonymous authentication.

    Note:
    If windows authentication and anonymous authentication are enabled, anonymous authentication will be preferentially used by browsers and IIS.


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,
    Bruce Zhang


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.