Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NT Authentication --> Session Variables how to?

Status
Not open for further replies.
Shilohcity

Shilohcity

Technical User
Jul 12, 2000
136
GB
Hi there

I have a bit of a tricky problem. I have a bunch of asp code which is currently carrying out user authentication by making database queries, this works fine and enables a common login.asp page to be used by all secure pages on the intranet. This sets session variables which then determine how many of the pages appear.

I am now wanting to use NT authentication to secure these pages. I have enabled the security features and have tested the secure pages as being restricted etc. What I cant quite seem to figure out is how I go about using NT security to set session variables depending on login details.

I guess what I need to figure out is how to use NT permissions to allow all users to view pages but at the same time distinguish between administrators and users to display the pages differently.

As always all suggestions, comments etc gratefully received.

Justin. X-)
"Creativity is the ability to introduce order into the randomness of nature." Eric Hoffer

Visit me at
 
Sort by date Sort by votes
Serach on "ASP Permission Checker"

On MSDN July 2001 CD. Platform SDK / Web Services /IIS 5.1 / ASP Guide / Installable Components / Permission Checker Component.
HasAccess
The HasAccess method tests whether a user has permission to access a specified file.

Syntax
OVar.HasAccess( FilePath )



Parameters
FilePath
A string that specifies the path and name of the file; this can be either a physical or virtual path.
Return Values
Returns a BOOLEAN value that indicates whether the Web user has access to the specified file. If the file does not exist, or if a directory is specified, the PermissionChecker object returns False.

Example
The following example uses the PermissionChecker object to test whether the Web user has access to the file C:\pages\private\default.htm. If the user has access, the script creates a hyperlink to that file; otherwise it writes a message. This example uses a virtual path.

--- PermChecker.asp ---

Code: 
<% 
If &quot;&quot; = Request.ServerVariables(&quot;LOGON_USER&quot;) Then

  Response.Write &quot;<H3>Please disable Anonymous Access for this Virtual Directory</H3>&quot;

Else

  Set oPermChecker = Server.CreateObject(&quot;MSWC.PermissionChecker&quot;)
%>

  <H3>Checking Permissions</H3>



  <P>Logged On User =
  <%=Request.ServerVariables(&quot;LOGON_USER&quot;)%>

  <P>
  Access to Physical Path 
  <%=Request.ServerVariables(&quot;PATH_TRANSLATED&quot;)%>
  = 
  <%=oPermChecker.HasAccess(Request.ServerVariables(&quot;PATH_TRANSLATED&quot;))%>

  <P>
  Access to Virtual Path 
  <%=Request.ServerVariables(&quot;PATH_INFO&quot;)%>
  = 
  <%=oPermChecker.HasAccess(Request.ServerVariables(&quot;PATH_INFO&quot;))%>

  <P>
  If you have access to 
  [URL unfurl="true"]http://<%=Request.ServerVariables(&quot;SERVER_NAME&quot;)%>/iissamples/sdk/asp/simple/Variables_VBScript.asp[/URL]
  then you will see a link below:<BR>

<%
  If oPermChecker.HasAccess(&quot;/iissamples/sdk/asp/simple/Variables_VBScript.asp&quot;) Then
%>
    <A href=&quot;[URL unfurl="true"]http://localhost/iissamples/sdk/asp/simple/Variables_VBScript.asp&quot;>[/URL]
    [URL unfurl="true"]http://localhost/iissamples/sdk/asp/simple/Variables_VBScript.asp[/URL]
    </A>
<%
  End If

End if
%>
 
Upvote 0 Downvote
Hi John

Thanks for your suggestion. I have taken a look at the code you mentioned and I got it working pretty quickly. I also found a ASP Component called aspuser which seems very cool. Now Im getting kind of ambitious and am thinking about setting session vars depending on file permissions. This means that I can allow individual users to set permissions on files and these can be reflected in the way the page works.

The permcheck code is definitely something im going to use in the interim though.

Thanks again

Justin. X-) &quot;Creativity is the ability to introduce order into the randomness of nature.&quot; Eric Hoffer

Visit me at
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

leifoet
  • Locked
  • Question
How to send HTML emails with ASP classic?
Replies
0
Views
584
leifoet
leifoet
leifoet
  • Locked
  • Question
How to check if a datatable is empty ?
Replies
0
Views
442
leifoet
leifoet
leifoet
  • Locked
  • Question
How to link a condition to a session(&quot;UID&quot;) ?
Replies
14
Views
569
leifoet
leifoet
how2trainyourdragon
  • Locked
  • Question
Request.Server variables blank for classic ASP
Replies
12
Views
1K
GriffMG
GriffMG
penguinspeaks
  • Locked
  • Question
Return to current location on page after asp processes.
Replies
2
Views
474
penguinspeaks
penguinspeaks

Part and Inventory Search

Sponsor

Back
Top