|
Custom Security/Authentication #1
You can limit access to specific pages in your
website using several methods documented at http://www.learnasp.com/freebook/asp/authenticate.aspx
Here we will demonstrate how to use custom authentication and also
cover session and application issues. You can try our authentication example by:
The next page details the source code for all
scripts needed to implement our example but here is the list:
securitylogin.asp
securityloginrespond.asp |
the login screen where someone can enter
username/password and confirm security level. It is a form that submits to securityloginrespond.asp |
| securitylogout.asp |
the screen to abandon someone's
username/password and security level |
securitylevel1required.asp
securitylevel2required.asp
securitylevel3required.asp |
which can be included on individual pages to
limit access to people with that security level, i.e/:
<!--#include
file="securitylevel1required.asp"--> |
securitytestlevel1.asp
securitytestlevel2.asp
securitytestlevel3.asp |
which demonstrate how security is implemented.
These scripts cannot be seen unless you login. |
| securitynotallowed.asp |
which anyone attempting to access a page without
appropriate security level is redirected to. |
/learn/test/customsecurity.mdb
Download Database |
a 3 column Access database: username, password,
security level. Sample data is:
user=chaz, password=chaz, securitylevel=1
user=chaz2, password=chaz2, securitylevel=2
user=chaz3, password=chaz3, securitylevel=3In a production application, this database would be located
OUTSIDE of the web structure (and accessed by DSN) so it could never be downloaded by a
user. |
|