Another Authentication?

[jmhrivnak]

Hi All,

Very new to .ASP. I've been asked to include a secure web page to my companies site that requires a username/password to access. The site is very simple and I don't have SQL or anything running to store a list of usernames & passwords. Is it possible and would it be secure if I used a .inc file with a simple script that evaluated a username and password input from a form generated by a .asp file? OR can I create an NT user with very limited rights and provide that username and password to the small number of individuals who will need to access the secure page? OR does someone else have a another solution? Again, I'm very new to this so the more detail the better.

Thank you very much for any help.

-John

 

[madhouse]

All you need is one web page to hold a form where a user will enter a Username/Password and a second page (ASP) to evaluate the entered details.

Here is the code for the form:

<form name=&quot;frm1&quot; action=&quot;menu.asp&quot; method=&quot;post&quot;>
<table width=&quot;36%&quot; border=&quot;0&quot; cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; align=&quot;center&quot; bgcolor=&quot;#FFFFFF&quot;>
<tr bgcolor=&quot;#000000&quot;>
<td colspan=&quot;2&quot; bgcolor=&quot;#CB0000&quot;>
<div align=&quot;center&quot;><b>
<font size=&quot;3&quot; face=&quot;Arial, Helvetica, sans-serif&quot; color=&quot;#FFFFFF&quot;>
Administration Login</font></b></div>
</td>
</tr>
<tr>
<td height=&quot;22&quot; width=&quot;36%&quot;>&nbsp;</td>
<td height=&quot;22&quot; width=&quot;64%&quot;>&nbsp;</td>
</tr>
<tr>
<td height=&quot;22&quot; width=&quot;36%&quot;><font size=&quot;2&quot; face=&quot;Verdana, Arial, Helvetica, sans-serif&quot;>&nbsp;Login
Id</font></td>
<td height=&quot;22&quot; width=&quot;64%&quot;>
<input type=&quot;text&quot; name=&quot;txtloginid&quot; size=&quot;20&quot;>
</td>
</tr>
<tr>
<td width=&quot;36%&quot;><font face=&quot;Verdana, Arial, Helvetica, sans-serif&quot; size=&quot;2&quot;>&nbsp;Password</font></td>
<td width=&quot;64%&quot;>
<input type=&quot;password&quot; name=&quot;txtpassword&quot; size=&quot;20&quot;>
</td>
</tr>
<tr>
<td width=&quot;36%&quot;>&nbsp;</td>
<td width=&quot;64%&quot;>&nbsp;</td>
</tr>
<tr>
<td width=&quot;36%&quot;>&nbsp;</td>
<td width=&quot;64%&quot;>
<input type=&quot;submit&quot; name=&quot;Submit&quot; value=&quot;Login&quot;>
<input type=&quot;reset&quot; name=&quot;Reset&quot; value=&quot;Reset &quot;>
</td>
</tr>
</table>
</form>


This posts to the menu.asp page which checks the details entered. The code in menu.asp which does this is:

<%
if request.form(&quot;txtloginid&quot <> &quot;&quot; and request.form(&quot;txtpassword&quot <> &quot;&quot; then
if request.form(&quot;txtloginid&quot = &quot;ausername&quot; and request.form(&quot;txtpassword&quot = &quot;apassword&quot; then
session(&quot;admin&quot = &quot;true&quot;
else
session(&quot;admin&quot = &quot;false&quot;
end if
end if
%>

This is just an example of hard-coding the Username and Password. You could also store the details in a database and open a record set to check them against.