Identifying "AUTH_USER" with v8.5.1

Has anyone figured out how to identify the authenticated user when using custom resources since the .NET changes in v8.5? We have several custom resources that rely on "Request.ServerVariables("AUTH_USER")" to control access to certain functions, but it appears that the ProxyBypass that 8.5.1 is using has broken the ability to do this. All I'm getting for the user is the name of the server (such as Domain\ServerName$).

Find more posts tagged with

Accepted answers

All comments

vhcato

Figured it out...

Substituted "NetPerfMon.CurrentAccount.AccountID", and all is happy again.

WINNT

Vic, would you please share an example of your code that uses the "NetPerfMon.CurrentAccount.AccountID" ?

vhcato

WINNT,

We have written a "Site Database" application that we use to store info about all of our sites. Another user on the forum (jrutski) shared some code with me that he had written, and we based our app off of his code. It's web-based and viewable directly on the Orion web site. In fact, it dynamically derives some of its data from the native Orion database, and the other fields are statically inserted into tables that we added, and can be manipulated via the web. Naturally, we don't want just anyone with access to Orion to be able to make changes to this data, so I came up with a security mechanism which is based on queries to another table we added to the database that includes usernames and defined roles.

As part of our project to move Orion to our production data center, the plan was to implement this mechanism to control access to other aspects of Orion as well, but I haven't gotten that far yet. I ran into some issues with 8.5.1, and I'm currently trying to get that straightened out. The ASP to ASP.NET proxy is causing some difficulties with our site database app, but at this point it's somewhat cosmetic. Once they go entirely ASP.NET, that may be a different story.

Attached is a snip of code from one of the pages that only allows the links and associated icons to be visible at the bottom of a site record page if the user has the "Site Database ACD" role assigned to his/her user name in the database. Within the actual lookup of the username, you will notice that I have it starting with the 7th character. We use AD authenticated accounts for all of our users who have extra privs, and our domain name is 5 characters long, so this slices off the xxxxx\.

Hopefully ASP.NET won't prove to be too much of a challenge for my puny little mind...

Code_Snip.zip

WINNT

Very nice Vic! Thanks! When I get a few minutes I will create a table and experiment with your code. Why didn't you just add a field in the Accounts table? Were you worried about SolarWinds supporting you, or maybe you would break something? Thanks.