We have a asp.net application. This uses windows authentication and reads the LOGON_USER variable to check if the current user is allowed access etc.
The syntax to get the user name in an asp.net application is User.Identity.Name not SERVER_VARIABLE["LOGON_USER"].
User.Identity.Name
LOGON_USER is, The Windows account that the user is impersonating while connected to your Web server. Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed.