Solved

ASP URL

Posted on 2014-10-01
13
177 Views
Last Modified: 2014-10-13
Greeting,

I have an login.asp which doing LDAP authentication before redirect the users to an form. Now I want to add an exception. that is if the user was on a paticulaer URL then go to the login.asp if will bypass the LDAP authentication.

Please provide sample code.

Thanks.
0
Comment
Question by:mrong
  • 7
  • 5
13 Comments
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354782
What is the url you want to check?
0
 

Author Comment

by:mrong
ID: 40354796
sample URL like  http://www.yahoo.com/user/file/mypath
the 'mypath' part could be different.

Thanks.
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354820
You can try something like this:

If InStr(Request.ServerVariables("URL"), "mypath)  > 0 then
      '-- condition met, proceed
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354827
Missing a quote

If InStr(Request.ServerVariables("URL"), "mypath" )  > 0 then
      '-- condition met, proceed
0
 

Author Comment

by:mrong
ID: 40354837
what should I put for "mypath" ? it could be different.
Thanks.
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354854
What do you want it to equal in order for authentication to occur?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:mrong
ID: 40354861
if the beginning of previous URL is  http://www.yahoo.com/user/file
then redirect
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354892
Then try using this code

If Request.ServerVariables("SERVER_NAME") = "www.yahoo.com/user/file" then
       Do redirect
0
 

Author Comment

by:mrong
ID: 40354893
Below is what I am using. will the Session variables being carried after redirected?

  If InStr(Request.ServerVariables("URL"), "http://www.yahoo.com/user/file " )  > 0 then
    Session("username") = "UsersRedirected"
   Response.Redirect "http://mysite/form.asp"
  End if
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 40354930
your session variable will be carried over. try this for code:

 If Right( Request.ServerVariables("URL"), 9 ) = "user/file" then
    Session("username") = "UsersRedirected"
   Response.Redirect "http://mysite/form.asp"
  End if

Open in new window

0
 

Author Comment

by:mrong
ID: 40355101
Big_Monty,

Both
If InStr(Request.ServerVariables("URL"), "mypath" )  > 0 then
and
 If Right( Request.ServerVariables("URL"), 9 ) = "user/file" then
not working right.

Thanks.
0
 
LVL 32

Accepted Solution

by:
Big Monty earned 500 total points
ID: 40355633
ok i mis-read your question originally, you want to get where the user was coming from, not the current page. to do that, you have to do something like:

dim page
page = Request.ServerVariables("http_referer")
page = Mid( page, InStr( page, "/" ), Len( page ) )    '-- removes domain name from page name

 If page = "/user/file" then
      '-- no additional folder names in path
else
      '-- came from /user/file/myPath
end if

Open in new window


if the statement

If page = "/user/file" then

doesn't work, try doing a response.write of the page variable to see what it displays
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 40357542
The referring page can be spoofed.   I would add on to what Big Monty has shown you by adding an encrypted cookie or session variable to the page you want to test for.

On your /user/file page, towards the bottom of any asp code, add something like
session("lastpage")="/user/file"

Open in new window

Then on the page you want to test for, at the top of the page
IF session("lastpage")="/user/file" THEN
     'flag something good
     ELSE
     'flag something bad
END IF
session("lastpage")="myNewPage"

Open in new window


There are many options here.  The only downside to this method is if you have high traffic and your worker process resets (rare, but happens), you loose your session.  The other option is setting an encrypted cookie.  You can simply use response.cookies("lastpage") = "something" http://www.w3schools.com/asp/asp_cookies.asp but that is about as handy as using a querystring.  You would want to encrypt "something".   Using the session is going to be easier.

I use a similar function and use an include file on every page for the code to set the named page name.

Good luck!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
This script will sweep a range of IP addresses (class c only, 255.255.255.0) and report to a log the version of office installed. What it does: 1.)      Creates log file in the directory the script is run from (if it doesn't already exist) 2.)      Sweep…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now