Posted by zdzisio on 11/07/07 07:00

Gordon Burditt pisze:

> I understood the situation to be that the local machine is *on* the
> corporate network, not that it *is* the corporate network.

yes, sure, lost that word somewhere.


>
> What arguments does such a NTLM request require?

to make it simple:
serwer tells the browser: you need to authenticate using NTLM , valid
user is required. then browser sends the server id of a user.
something like:
S-1-5-21-3127170830-3942366122-3349335812-41005
now it is web serwers role to do something with it.
in most corporate enviroments - use ldap call to get real name


> Suppose: there are several people logged in on various machines
> on the local network. There are several people logged in on the
> same machine as user who's making the HTTP request (possible with
> terminal server or remote desktop on a Windows machine). What
> information does the HTTP server have to tell which user made the
> request?

the one who owns the task running web browser. the one that
started web browser, of course


> The IP address alone is NOT enough, and there's more than
> one user logged in on that machine.

but obviously any program run on a workstation can check who started it.
that is the point of ActivX solution too, isn't it?


z

[Back to original message]