Your SAS programs, embedded in web apps and elsewhere

Getting Windows user id/logonID in SAS IntraNet application

Accepted Solution Solved
Reply
Contributor
Posts: 29
Accepted Solution

Getting Windows user id/logonID in SAS IntraNet application

Is it possible to get windows logon information, in a SAS IntraNet program, for the user visiting the "site"?

&SYSUSERID (which we normally use for scheduled programs) simply gives "SYSTEM".

Using SAS 9.3 together with Apache 2.2.25.

Thank you.

Best

Kasper


Accepted Solutions
Solution
‎01-20-2015 09:21 AM
Contributor
Posts: 29

Re: Getting Windows user id/logonID in SAS IntraNet application

Found a solution.

Running apache 2.2

Installed mod_auth_sspi-1.0.4

Added this to the apache conf:

LoadModule sspi_auth_module modules/mod_auth_sspi.so

and this under <directory..>:

#SSPI

AuthName "A Protected Place"

AuthType SSPI

SSPIAuth On

SSPIAuthoritative On

SSPIOfferBasic On

SSPIUsernameCase upper

require valid-user

Added the corrosponding Export lines to the SAS broker conf:

Export REMOTE_USER         _RMTUSER

and tadaaa!

Sample program:

%let userid = %sysfunc(substr("&_RMTUSER",11,6)); /* domain\userid, domain is 10 character long + 1 for the \ */

data _null_;

file _webout;

put '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';

put '<html xmlns="http://www.w3.org/1999/xhtml">';

put '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';

put '<body>';

put 'Your User ID is: <b>'@;

put "&USERID";

put '</b>';

put '</body>';

put '</html>';

run;

View solution in original post


All Replies
Super User
Posts: 5,255

Re: Getting Windows user id/logonID in SAS IntraNet application

IntrNet, long time ago. Not considering moving to Stored Process Server...?

As I recall it, you need to configure your web server to use Windows Authentication.

Once that is in place, you should be able to pick up the user id:s.

If you not find the exact macro variable name in the documentation, use %put _all_;

Data never sleeps
Contributor
Posts: 29

Re: Getting Windows user id/logonID in SAS IntraNet application

Hello Linus

Thank you for your answer.

Im not familiar with stored processes (we normally dont run SAS web applications - we use vb.net for that).

Do you have any experience with what should be modified on apache for that to be possible?

Best

Kasper

Super User
Posts: 5,255

Re: Getting Windows user id/logonID in SAS IntraNet application

No, I'm not a web server expert.

You should have one at your site, if not, you should be a bit concerned...

Data never sleeps
Valued Guide
Posts: 3,208

Re: Getting Windows user id/logonID in SAS IntraNet application

SAS/intrnet is of the time before bi/di and the metadataserver
You will find parts of in the STP guide like: SAS(R) 9.4 Stored Processes: Developer's Guide, Second Edition (sessions)

SAS/intrnet is:  SAS/IntrNet(R) 9.4: Application Dispatcher (adding sessions)

For succeeding request you are needing theo sessions. the first can be a own build login. You can also use webserver authentication

SAS/IntrNet(R) 9.4: Application Dispatcher (Application Server Secuirty)

There are generic webserver variables as of SAS/IntrNet(R) 9.4: Application Dispatcher (exporting variables) of the configuration.

The active ones can be seen when going into debug mode.

As the connection is seen as an external one the first would be getting it as an internal (web server authentication?)

Remember Ad is one of the many LDAP implementations. Although AD cannot be used to implement Unix security it could be sufficient the have a known user.

The restriction wil still be the service account of the OS that is being used (broker).

---->-- ja karman --<-----
Solution
‎01-20-2015 09:21 AM
Contributor
Posts: 29

Re: Getting Windows user id/logonID in SAS IntraNet application

Found a solution.

Running apache 2.2

Installed mod_auth_sspi-1.0.4

Added this to the apache conf:

LoadModule sspi_auth_module modules/mod_auth_sspi.so

and this under <directory..>:

#SSPI

AuthName "A Protected Place"

AuthType SSPI

SSPIAuth On

SSPIAuthoritative On

SSPIOfferBasic On

SSPIUsernameCase upper

require valid-user

Added the corrosponding Export lines to the SAS broker conf:

Export REMOTE_USER         _RMTUSER

and tadaaa!

Sample program:

%let userid = %sysfunc(substr("&_RMTUSER",11,6)); /* domain\userid, domain is 10 character long + 1 for the \ */

data _null_;

file _webout;

put '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';

put '<html xmlns="http://www.w3.org/1999/xhtml">';

put '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';

put '<body>';

put 'Your User ID is: <b>'@;

put "&USERID";

put '</b>';

put '</body>';

put '</html>';

run;

☑ This topic is SOLVED.

Need further help from the community? Please ask a new question.

Discussion stats
  • 5 replies
  • 1642 views
  • 7 likes
  • 3 in conversation