provide access to the windows identity of the authenticated user to node.js app

[tjanczuk]

When IIS is configured to require windows authentication, there is currently no way within the node.js application to determine the name of the authenticated user. This is to provide a mechanism to access that username. One possibility is to use X-* HTTP request headers to convey this information from iisnode to node.exe on a per-request basis.

This is from http://tomasz.janczuk.org/2011/08/using-url-rewriting-with-nodejs.html?showComment=1321821547800#c8998354757283280788.

this would be very useful :)

[tjanczuk]

The fix is to provide a mechanism in iisnode to promote any of the IIS server variables to X-iisnode-* HTTP request headers.

To choose which of the IIS server variables are promoted to X-iisnode-* HTTP request headers, use the iisnode@promoteServerVars configuration property. It specifies a comma-separated list of IIS variables names. A variable FOO is promoted to X-iisnode-FOO HTTP request header only if it is actually defined for a particular request. By default no IIS server variables are promoted.

For example, to obtain the username of the authenticated caller and the authentication type, configure iisnode as follows:

<configuration>
  <system.webServer>

    <!-- ... -->

    <iisnode promoteServerVars="AUTH_USER,AUTH_TYPE" />

  </system.webServer>
</configuration>

The node.js application can then access these values using the following code:

var http = require('http');

http.createServer(function (req, res) {
    var username = req.headers['x-iisnode-auth_user'];
    var authenticationType = req.headers['x-iisnode-auth_type'];
    // ...
}).listen(process.env.PORT);  

For a complete list of IIS server variables that can be promoted see http://msdn.microsoft.com/en-us/library/ms524602.aspx

[nathanfrancy]

@tjanczuk I know this has been here for a while now, but how would I replicate this without IIS or apache? I'm developing locally and just running the express app through command line/webstorm.