I am trying to bypass the mid-tier login by somehow capturing the NT login and pw. I have it successfully authenticating as long as the user types their NT login and password. However, they would like to bypass that and simply go straight to the page based on already having logged into their workstation. Is this possible with 5.1.2 mid-tier. I know there used to be some functionality in 3.x ($REMOTE_USER) and 4.x (request.getRemoteUser()) but I had never implemented those and am not familiar enough with them to try and translate to the mid-tier.

Thanks in advance for any help.

Can you share what you are using for authentication? I'm looking to do the same thing.

So far I haven't gotten it to work quite right. I can make it work with a direct access URL (EX w/blank pwd: http://<<YOUR SERVER NAME>>/arsys/servlet/LoginServlet?server=<<YOUR SERVER NAME>>&username=%username%&pwd=&goto=/arsys/apps/en/<<YOUR SERVER NAME>>/rsmweb/rsmstart.jsp EX w/generic pwd: http://<<YOUR SERVER NAME>>/arsys/servlet/LoginServlet?server=<<YOUR SERVER NAME>>&username=%username%&pwd=<<GENERIC>>&goto=/arsys/apps/en/<<YOUR SERVER NAME>>/rsmweb/rsmstart.jsp)that pulls the user's name from the windows OS. The problem is that I can not pull the password. So, all the users either have to have a blank password or the same password so it can be placed in that URL. I'm not too comfortable with that, so I'm still looking. What are you trying? I've been told it is doable with ASP, but haven't come across the how to yet.

Hi,
You can get Windows domain\login variable from IIS server but you cannot get password.
What you can do is to send the users to an ASP page that get this values from IIS and than construct an url to redirect the user to the Mid-Tier app, passing the login as a parameter to LoginServlet.jsp. The ASP page has to have Integrated Windows Authentication set (not anonymous).
For this to work you will have to trust that, if the user is able to login into the windows domain, then that is good enough to let him use your AR application.
Maybe it is possible to trust if this is only for end-users to submit and track their tickets.
Bellow you can find an example of code for your asp page.
(I put it between P tags to prevent the code to be interpreted by this site)
<p>
<% @Language = "VBScript" %>
<% Response.buffer = true %>

<html>

<%
Dim url
Dim login
Dim pwd
url = "http://ServidorWeb/arsys/servlet/LoginServlet?goto=http://YOURSERVER/arsys/apps/default/YOURSERVER/YOURAPP/start.jsp&server=YOURSERVER"
login = LCase(split(Request.ServerVariables("REMOTE_USER"),"\")(1))
pwd = ""
response.redirect url&"&username="&login&"&pwd="&pwd
%>

</html>
</p>

Thanks...it seems to be getting me closer. I no longer get errors from my jsp redirects. However, the asp only opens up as a blank page and doesn't forward on to the rsmstart.jsp. I'm not too familiar with ASP, so am I missing something?

Anyone got some nice documentation on how do get the username from NT to login to mid-tier form? I see there is a url passed up there, but im sure there is more work to get the username than just using a url, Would be nice if anyone had any documentation as i believe this is something i could need

Does anyone know if there is a way to populate (set field action) a field on a form in midtier by "window open" for example and it gets the username of the NT machine to put into a field? The ARSystem is located on a Unix machine and client is NT.

Any help appriciated.
Chris

It's just not that easy to get a password from NT. Any sensible operatiing system (and we'll include NT here, although loosely) will not provide passwords, but a hash of those passwords. The best you're going to get is the current password hash.

ARS and the Midtier provide no real useful integration tools because Remedy like you to do things "their way", and sadly "their way" is not really compatible with the world today. This is one of the areas that Symbiont have been looking at in great detail.

As for your question regarding the form, I'd personally set the username (on the request header) as a Cookie, and then fetch it again via a javascript RunProcess command. But this is such a good suggestion that we'll (Symbiont) probably end up providing a function for this, as the username is avaialable to the VM through environment variables.


Stan
--
Stan Hawkins, Symbiont Solutions
http://www.symbiontsolutions.com

Have mid -tier use LDAP to authenticate users