Hello,<BR>Im trying to incorporate application roles into my asp application to only allow users to access the DB using the application (and not using any other tool). I was previously using a server side include file containing my connection string information, and each page calls this file.<BR><BR>I added the two new application role subroutines below. I am able to access the first login page which uses this file connection, but then I cannot precede past this page.. I get a standard HTTP 500 error.<BR><BR>Any suggestions?<BR><BR>Thanks in advance.<BR><BR><BR><BR><BR><BR>dim dbConn, strConn<BR>dim dbCmd<BR><BR>Sub MakeConn()<BR> strConn = "Provider=SQLOLEDB;Data Source=SERVER; " &_<BR> "Initial Catalog=DB User Id=UID; Password=PSWD;"<BR> Set dbConn=Server.CreateObject("ADODB.Connection")<BR> dbConn.Open strConn<BR> <BR> Call subSetApplicationRole <BR>End Sub<BR><BR><BR>Sub subSetApplicationRole<BR> <BR> Dim adCmdSPStoredProc, adParamReturnValue, adParamInput, adParamOutput, adVarChar<BR> Dim strStoredProc<BR> <BR> adCmdSPStoredProc = 4<BR> adParamReturnValue = 4<BR> adParamOutput = 2<BR> adParamInput = 1<BR> adVarChar = 200<BR> <BR> dbConn.CommandTimeout = 0<BR> Set dbcmd = Server.CreateObject("ADODB.Command")<BR> Set dbcmd.ActiveConnection = dbconn <BR> <BR> strStoredProc = "sp_setapprole"<BR> <BR> dbcmd.CommandText = strStoredProc<BR> dbcmd.CommandType = adCmdSPStoredProc<BR> <BR> dbcmd.Parameters.Append dbcmd.CreateParameter("@rolename",adVarChar,adPara mInput, 250, "appname")<BR> dbcmd.Parameters.Append dbcmd.CreateParameter("@password",adVarChar,adPara mInput, 250, "pswd")<BR> <BR> dbcmd.Execute <BR><BR>End Sub<BR><BR><BR>Sub subEndApplicationRole<BR><BR> Set dbcmd.ActiveConnection = nothing<BR> Set dbcmd = nothing<BR><BR>End Sub<BR><BR><BR>&#039; close recordset or connection object<BR>Sub Destroy()<BR> <BR> Call subEndApplicationRole<BR><BR> dbConn.Close<BR> Set dbConn = Nothing<BR><BR>End Sub