> On Win2k / CF5, rather than having everyone login to an Intranet site
> (in this case a new login is forced daily) how reliable is it to
> identify the user from cgi.AUTH_USER ?
>
> IIS is set:
> Anonymous access: No
> Basic Authentication: No
> Integrated Windows authentication: Yes
>
> Users are on MSIE on PC & Mac
>
> cgi.AUTH_TYPE is NTLM
Very reliable.
> What does the very long string belonging to cgi.HTTP_AUTHORIZATION mean?
That is a one-way hash of user identity + salt.
Jochem
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
