I am using iisnode to run my express, nodejs application on Windows Server 2016. I only need the LOGON_USER (username) of the client computer connecting to my app (This is on a company network). When connecting to my app it prompts the user for username password. My understanding is when using windows authentication I can access the clients credentials without having them login to my app since they have already logged on to their computer?
I have disabled anonymous authentication and enabled Windows authentication in IIS on my app under Default Web Site. I have followed these instructions to promote some server variable ex. LOGON_USER. When I brows to my apps site I am prompted with the login and username popup. What do I have to to to get access to the clients username/computer name without having them provide their credentials again. I don't even need to have them authenticated I just need the username from the computer they are accessing my app from.
web.config.
</appSettings>
<system.webServer>
<!-- Remove the modules element if running on IIS 8.5-->
<modules runAllManagedModulesForAllRequests="false" />
<!-- <httpErrors existingReponse="PassThrough"></httpErrors> -->
<iisnode node_env="%node_env%"
nodeProcessCountPerApplication="1"
maxConcurrentRequestsPerProcess="1024"
maxNamedPipeConnectionRetry="100"
namedPipeConnectionRetryDelay="250"
maxNamedPipeConnectionPoolSize="512"
maxNamedPipePooledConnectionAge="30000"
asyncCompletionThreadCount="0"
initialRequestBufferSize="4096"
maxRequestBufferSize="65536"
uncFileChangesPollingInterval="5000"
gracefulShutdownTimeout="60000"
loggingEnabled="true" logDirectory="iisnode"
debuggingEnabled="true" d
ebugHeaderEnabled="false"
debuggerPortRange="5058-6058"
debuggerPathSegment="debug"
maxLogFileSizeInKB="128"
maxTotalLogFileSizeInKB="1024"
maxLogFiles="20"
devErrorsEnabled="true"
flushResponse="false"
enableXFF="false"
promoteServerVars="AUTH_USER,AUTH_TYPE,LOGON_USER,REMOTE_USER,REMOTE_HOST"
configOverrides="iisnode.yml"
watchedFiles="web.config;*.js"
nodeProcessCommandLine="C:\Program Files\nodejs\node.exe" />
<handlers>
<add name="iisnode" path="server/dist/index.js" verb="*" modules="iisnode" />
</handlers>
<rewrite>
<rules>
<!-- Don't interfere with requests for node-inspector debugging -->
<rule name="NodeInspector" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^server/dist/index.js\/debug[\/]?" />
</rule>
<!-- First we consider whether the incoming URL matches a physical file in the /public folder -->
<rule name="StaticContent" patternSyntax="Wildcard">
<action type="Rewrite" url="client/build/{R:0}" logRewrittenUrl="true" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<match url="*.*" />
</rule>
<!-- All other URLs are mapped to the Node.js application entry point -->
<rule name="DynamicContent">
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="True" />
</conditions>
<action type="Rewrite" url="server/dist/index.js" />
</rule>
</rules>
</rewrite>
<directoryBrowse enabled="false" />
</system.webServer>
<system.web>
<authentication mode="Windows" />
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>
<identity impersonate="false" />
</system.web>
ugh...Figured it out. I was using the ip address for my site http://ip.address/myapp. It will always prompt for login and password if the url has periods in it. So I canged the ip to the server name and it cleared up the problem. http://myservername/myapp