I'm working with IIS 4.0 and ASP pages. I've configured IIS with Anonymous and Challenge authentication modes (both are checked). I'm asking IIS server for the user name, but no user name is returned (I'm logged into the same domain).
What is the authentication flow? I thought that the first authentication mode used was the most restrictive and then the others. In this case it seems that only the anonymous mode is being used.
What can I do in order to obtain the user name (if the user is logged into a Windows domain)? and How can I know which mauthetication method was used?
Nope. The only time you'll trigger NTCR authentication if Allow Anonymous is also checked is if you hit a file on the server that has NTFS permissions that do not allow anonymous access (IUSR_<machinename> doesn't have read permissions.
If you want to force a login, you'll need to uncheck allow anonymous.
But... If I read your question right, you want to know whether they are logged into the local domain and under what username... I think you may need to investigate ADSI for that functionality (if you can even do it without an ActiveX control).