Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

provide access to the windows identity of the authenticated user to node.js app #87

Closed
tjanczuk opened this issue Nov 21, 2011 · 3 comments
Closed

provide access to the windows identity of the authenticated user to node.js app #87

tjanczuk opened this issue Nov 21, 2011 · 3 comments
Labels
P1

Comments

@tjanczuk
Copy link
Owner

When IIS is configured to require windows authentication, there is currently no way within the node.js application to determine the name of the authenticated user. This is to provide a mechanism to access that username. One possibility is to use X-* HTTP request headers to convey this information from iisnode to node.exe on a per-request basis.

This is from http://tomasz.janczuk.org/2011/08/using-url-rewriting-with-nodejs.html?showComment=1321821547800#c8998354757283280788.
@technicalmedia
Copy link

this would be very useful :)

@tjanczuk
Copy link
Owner Author

The fix is to provide a mechanism in iisnode to promote any of the IIS server variables to X-iisnode-* HTTP request headers.

To choose which of the IIS server variables are promoted to X-iisnode-* HTTP request headers, use the iisnode@promoteServerVars configuration property. It specifies a comma-separated list of IIS variables names. A variable FOO is promoted to X-iisnode-FOO HTTP request header only if it is actually defined for a particular request. By default no IIS server variables are promoted.

For example, to obtain the username of the authenticated caller and the authentication type, configure iisnode as follows:

<configuration>
  <system.webServer>

    <!-- ... -->

    <iisnode promoteServerVars="AUTH_USER,AUTH_TYPE" />

  </system.webServer>
</configuration>

The node.js application can then access these values using the following code:

var http = require('http');

http.createServer(function (req, res) {
    var username = req.headers['x-iisnode-auth_user'];
    var authenticationType = req.headers['x-iisnode-auth_type'];
    // ...
}).listen(process.env.PORT);

For a complete list of IIS server variables that can be promoted see http://msdn.microsoft.com/en-us/library/ms524602.aspx

@timgit timgit mentioned this issue Jan 14, 2014
Closed
@PujaKapurMalik PujaKapurMalik mentioned this issue Apr 17, 2014
Closed
@digitalsadhu digitalsadhu mentioned this issue May 3, 2015
Closed
@nathanfrancy
Copy link

@tjanczuk I know this has been here for a while now, but how would I replicate this without IIS or apache? I'm developing locally and just running the express app through command line/webstorm.

@paill paill mentioned this issue Jun 7, 2017
Closed
@fedorbirjukov fedorbirjukov mentioned this issue May 29, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
P1
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tjanczuk @nathanfrancy