Join GitHub today
provide access to the windows identity of the authenticated user to node.js app #87
When IIS is configured to require windows authentication, there is currently no way within the node.js application to determine the name of the authenticated user. This is to provide a mechanism to access that username. One possibility is to use X-* HTTP request headers to convey this information from iisnode to node.exe on a per-request basis.
The fix is to provide a mechanism in iisnode to promote any of the IIS server variables to X-iisnode-* HTTP request headers.
To choose which of the IIS server variables are promoted to X-iisnode-* HTTP request headers, use the iisnode@promoteServerVars configuration property. It specifies a comma-separated list of IIS variables names. A variable FOO is promoted to X-iisnode-FOO HTTP request header only if it is actually defined for a particular request. By default no IIS server variables are promoted.
For example, to obtain the username of the authenticated caller and the authentication type, configure iisnode as follows:
The node.js application can then access these values using the following code:
For a complete list of IIS server variables that can be promoted see http://msdn.microsoft.com/en-us/library/ms524602.aspx