Hi, I am trying to implement a little security to a directory of files. I do not want them to be accessable from an outsider, and I want only people logged in to be able to run the proper asp file.<BR><BR>this is the ASP file:<BR><BR>&#060;!-- #include file="sec.asp" --&#062;<BR>&#060;%<BR><BR>TestValidUser()<BR><BR>fi lename = Request("Filename")<BR>Response.Redirect("http://login:password@IP.IP.IP.IP/files/" & filename)<BR><BR>%&#062;<BR><BR>TestValidUser() has already been dealt with and that will check to see if the person has logged in. The problem is that even though I pass the correct password and login to the NT secured drive, it RE-REQUESTS it with a pop up.<BR><BR>If I actually type http://login:password@IP.IP.IP.IP/files/ into the URL field in a browser it works fine. Redirect just does not work for some reason.<BR><BR>Could someone help me?<BR><BR>Thank you.<BR>