LouSch7
asked on
ASP Classic and Basic Authentication
I have an ASP Classic web site that is running on an IIS that is setup for Basic Authentication with anonymous access disabled. I also have a login script that requires the user to type in a username and then validates it across active directory for their password, once validated it then creates several cookies to be used throughout the site.
Right now when you navigate to the site for the first time, you have to login to the windows authentication prompt, then login again at my login page. Is there a way to capture the basic authentication username and password and have it pass to the login I already have?
I have included some of the code that I am using for the login validation page.
Right now when you navigate to the site for the first time, you have to login to the windows authentication prompt, then login again at my login page. Is there a way to capture the basic authentication username and password and have it pass to the login I already have?
I have included some of the code that I am using for the login validation page.
'**************************
'Active Directory CheckSum
'**************************
On Error Resume Next
if (not strUserName= "") then
strADsPath = "WinNT://" & strADsPath
Dim oADsObject
Dim tempstr
tempstr = strDomain & "\" & strUserName
Set oADsObject = GetObject(strADsPath)
Dim strADsNamespace
Dim oADsNamespace
strADsNamespace = left(strADsPath, instr(strADsPath, ":"))
set oADsNamespace = GetObject(strADsNamespace)
Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, tempstr, strPassword, 0)
if not (Err.number = 0) then
Response.redirect"login.asp?Message=Please provide a correct login name<br>or system password for the " & strDomain & " domain!<br>"
'response.write err.description & "<p>"
if err.number = -2147022987 then ' for account logout
Response.write "<strong>Your account has been logged out!</strong>"
end if
else
Dim strProj, Objrs
Set Objrs = Server.CreateObject("ADODB.Recordset")
Call OPEN_DB
If AreYouATech = 1 Then
strProj = "SELECT * FROM tblTechnician Where username = '" & StrUserName & "'"
Else
strProj = "SELECT * FROM tblNonTechnician WHERE ClientEmplID = " & StrUserName
End If
Set Objrs = MyConn.Execute(strProj)
If NOT Objrs.EOF Then
If AreYouATech = 1 Then
'Cookies Go Here
Else
Dim RSClient, SQLClient
Set RSClient = Server.CreateObject("ADODB.Recordset")
Call OPEN_DB
SQLClient = "SELECT * FROM tblClient WHERE ClientEmplID = " & StrUserName
Set RSClient = MyConn.Execute(SQLClient)
'Cookies Go Here
End If
Else
Set Objrs = Nothing
Set ObjConn = Nothing
Response.redirect"login.asp?Message=Invalid UserName! Please try again"
End If
End If
End If
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
see the following website
Authentication Methods in IIS
http://www.4guysfromrolla.com/webtech/020201-1.shtml
Open in new window