I have an ASP.NET 3.5 application (on IIS 6.0) which uses ASP.NET forms authentication. In my IIS logs, I have extended logging turned on including the cs-username field. Even after a user has logged in to my site, the cs-username still displays '-'.
我有一个使用ASP.NET表单身份验证的ASP.NET 3.5应用程序(在IIS 6.0上)。在我的IIS日志中,我已启用扩展日志记录,包括cs-username字段。即使用户登录我的网站后,cs-username仍会显示“ - ”。
Is there a way to get the authenticated ASP.NET user's name to appear in the username field in the logs?
有没有办法让经过身份验证的ASP.NET用户名出现在日志中的用户名字段中?
3 个解决方案
#1
Not easily.
cs-username by default is the HTTP authentication username, not forms authentication. You might be able to write an ISAPI DLL to intercept the call, parse the ASP.NET auth token cookie, decrypting it if you have to and retrieve the username from the membership providerthen intercept SF_NOTIFY_LOG and respond to the ON_LOG event to set the right name, but it's non-trivial.
默认情况下,cs-username是HTTP身份验证用户名,而不是表单身份验证。您可能能够编写ISAPI DLL来拦截调用,解析ASP.NET身份验证令牌cookie,如果必须解密它并从成员资格中检索用户名提供拦截SF_NOTIFY_LOG并响应ON_LOG事件以设置正确的名称,但这不重要。
#2
Alernatively, use the ASP.NET memebership provider to write some customised codes to record them in the database!
Alernatively,使用ASP.NET memebership提供程序编写一些自定义代码,以便在数据库中记录它们!
#3
yep, pretty lame of asp.net...you'd think they would have integrated it better w/ the IIS logs :-P
是的,非常蹩脚的asp.net ...你认为他们会更好地集成它与IIS日志:-P
You can use this isapi filter, but I'm not sure it'll work for IIS7 (Windows 2008). Should work fine in Win2003: http://www.codeproject.com/KB/trace/isapilogger.aspx
您可以使用此isapi过滤器,但我不确定它是否适用于IIS7(Windows 2008)。应该在Win2003中正常工作:http://www.codeproject.com/KB/trace/isapilogger.aspx
#1
Not easily.
cs-username by default is the HTTP authentication username, not forms authentication. You might be able to write an ISAPI DLL to intercept the call, parse the ASP.NET auth token cookie, decrypting it if you have to and retrieve the username from the membership providerthen intercept SF_NOTIFY_LOG and respond to the ON_LOG event to set the right name, but it's non-trivial.
默认情况下,cs-username是HTTP身份验证用户名,而不是表单身份验证。您可能能够编写ISAPI DLL来拦截调用,解析ASP.NET身份验证令牌cookie,如果必须解密它并从成员资格中检索用户名提供拦截SF_NOTIFY_LOG并响应ON_LOG事件以设置正确的名称,但这不重要。
#2
Alernatively, use the ASP.NET memebership provider to write some customised codes to record them in the database!
Alernatively,使用ASP.NET memebership提供程序编写一些自定义代码,以便在数据库中记录它们!
#3
yep, pretty lame of asp.net...you'd think they would have integrated it better w/ the IIS logs :-P
是的,非常蹩脚的asp.net ...你认为他们会更好地集成它与IIS日志:-P
You can use this isapi filter, but I'm not sure it'll work for IIS7 (Windows 2008). Should work fine in Win2003: http://www.codeproject.com/KB/trace/isapilogger.aspx
您可以使用此isapi过滤器,但我不确定它是否适用于IIS7(Windows 2008)。应该在Win2003中正常工作:http://www.codeproject.com/KB/trace/isapilogger.aspx