Password protecting a directory

Posted on 1999-12-14
Medium Priority
Last Modified: 2010-04-09
 we are running an IIS 4.0 and we have a large web site and there is a members only section which should be accessible to members only.we want this whole directory containing many html files and a couple of asp files accessible through member login only.we dont have a username files but just a member id they enter which is matched with the database table and if matched should be granted access.what are the fifferent ways of doing that?If a member logs in to the members only page and bookmarks a html page in the members only section and later on if he just clicks on the bookmark he shouldnt have access to that unless he goes step by step entering the member id.
Please help me out of this.
Question by:amitagnihotri
  • 2

Expert Comment

ID: 2280676
This solution predicates that you can change ALL the (HTML) files in your directory to ASP files.

Probably easiest to define a variable (perhaps even in global.asa), Session("validuser")="false".  When a login has been successfully achieved, change the value to "true".

At the top of each page in the directory, add the following test:

<% if Session("validuser") <> "true" then
response.redirect "login.asp"%>

I think that should get you to where you need to be.


Accepted Solution

aikon earned 100 total points
ID: 2280792
You have two possible ways:
a) Go to MS Console then change the security police of the directory to "Basic Authentication". You may add the user to your system.

b) Use an external ASP control like "AuthenticX", available at www.flicks.com/flicks/authx.htm


Expert Comment

ID: 2281088
"we dont have a username files but just a member id they enter which is matched with the database table and if matched should be granted access."

Enabling Basic Authentication requires a valid NT account (either on the server or on a trusted domain).

While AuthenticX may not require the creation of NT user accounts, it does cost $299.

Using ASP code to protect your files takes advantage of your already created database, and costs nothing more than adding a couple of lines of code to each file and saving them as ASP files.  In the worst case scenario, where all your HTML files are linked together, you could even define .htm (or .html) files as Active Server Pages, so you wouldn't have to recode the links.  Not pretty, but functional.


Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

When it comes to write a Context Sensitive Help (an online help that is obtained from a specific point in state of software to provide help with that state) ,  first we need to make the file that contains all topics, which are given exclusive IDs. …
Originally, this post was published on Monitis Blog, you can check it here . Websites are getting bigger and more complicated by the day. Video, images and custom fonts are all great for showcasing your product or service. But the price to pay in…
In this tutorial viewers will learn how to embed an audio file in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: : The declaration should display (CODE) HTML5 is supported by the most recent versions of all major browsers…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question