Menu
I've successfully setup a sample Flask app on Windows / IIS 10.0 using wfastcgi with Python 3.6 running under a Windows domain account.
Now I'm trying to pass the IIS Windows Authentication user information to my Flask app. I've enabled only Windows Authentication in IIS and my browser authenticates successfully.
How do I find out which user is accessing the site in WSGI? I've checked the environment variables and the HTTP headers without luck.
PHP seems to have a fastcgi.impersonate-Option, but there seems to be no pendant for Python.
346
Authentication: The client generates and hashes a response and sends it to the IIS server. The server receives the challenge-hashed response and compares it to what it knows to be the appropriate response. If the received response matches the expected response, the user is successfully authenticated to the server.
In the Web Server (IIS) pane, scroll to the Role Services section, and then click Add Role Services. On the Select Role Services page of the Add Role Services Wizard, select Windows Authentication, and then click Next. On the Confirm Installation Selections page, click Install. On the Results page, click Close.
You mentioned that you've checked the environment variables and the HTTP headers. If you checked the environment variables with os.environ.get['REMOTE-USER'] then you should receive an empty string because your Python instance is running locally on the server and is not remote. And unless you use something like ISAPI rewrite, IIS won't write the REMOTE-USER to the headers either.
The easiest solution is to check the environment variables that IIS explicitly passes to Flask:
from Flask import request
username = request.environ('REMOTE_USER')
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With