Web Security - How?

[bigfoot]

What's the best way to do web security? We have an intranet and I was going to make a signon when they opened it. I was going to make a database table showing what the user was allowed to see, and which parts he/she was restricted to.
Am I going about this in the right direction?

Gary The door to life is never locked, but few have the knowledge to open it.

 

[luciddream]

yes. adam@aauser.com

 

[bigfoot]

Do I want to pass the user profile around in the url, or use server variables? The door to life is never locked, but few have the knowledge to open it.

 

[jaredn]

not in the url of course (prying eyes) just post it in a form. jared@aauser.com

 

[bigfoot]

I'm sorry. Thats what I ment.

I may have 50 forms on our intranet and maybe 30 should be secure. All people can not see all pages. Every page will have to check the current user to see if he/she has a bit set in the database (page can be read).
Can't my NT security do this? The door to life is never locked, but few have the knowledge to open it.