provide access to the windows identity of the authenticated user to node.js app #87

Closed
tjanczuk opened this Issue Nov 21, 2011 · 3 comments

Comments

Projects
None yet
3 participants
Owner

tjanczuk commented Nov 21, 2011

When IIS is configured to require windows authentication, there is currently no way within the node.js application to determine the name of the authenticated user. This is to provide a mechanism to access that username. One possibility is to use X-* HTTP request headers to convey this information from iisnode to node.exe on a per-request basis.

This is from http://tomasz.janczuk.org/2011/08/using-url-rewriting-with-nodejs.html?showComment=1321821547800#c8998354757283280788.

@ghost

ghost commented Nov 23, 2011

this would be very useful :)

Owner

tjanczuk commented Jan 11, 2012

The fix is to provide a mechanism in iisnode to promote any of the IIS server variables to X-iisnode-* HTTP request headers.

To choose which of the IIS server variables are promoted to X-iisnode-* HTTP request headers, use the iisnode@promoteServerVars configuration property. It specifies a comma-separated list of IIS variables names. A variable FOO is promoted to X-iisnode-FOO HTTP request header only if it is actually defined for a particular request. By default no IIS server variables are promoted.

For example, to obtain the username of the authenticated caller and the authentication type, configure iisnode as follows:

<configuration>
  <system.webServer>

    <!-- ... -->

    <iisnode promoteServerVars="AUTH_USER,AUTH_TYPE" />

  </system.webServer>
</configuration>

The node.js application can then access these values using the following code:

var http = require('http');

http.createServer(function (req, res) {
    var username = req.headers['x-iisnode-auth_user'];
    var authenticationType = req.headers['x-iisnode-auth_type'];
    // ...
}).listen(process.env.PORT);  

For a complete list of IIS server variables that can be promoted see http://msdn.microsoft.com/en-us/library/ms524602.aspx

@tjanczuk tjanczuk closed this in 6e68c03 Jan 11, 2012

@tjanczuk I know this has been here for a while now, but how would I replicate this without IIS or apache? I'm developing locally and just running the express app through command line/webstorm.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment