Results 1 to 2 of 2

Thread: Jeff

  1. #1
    ASP Security / Authentica Guest

    Default Jeff

    What&#039s the best way to handle security on a web server with ASP?<BR><BR>I have a large website and have "member only" sections. I don&#039t want a big box popping open like when you use NT authentication and I don&#039t really want to have to add all my users as NT accounts to authorize them (unless you guys tell me that&#039s the best way to go).<BR><BR>I like the system ESPN uses if you are familiar with that. I&#039ve created a system before where a user logs in, the asp verifies their account against an ODBC database, sets a cookie that they are logged in, but this doesn&#039t seem that secure..<BR><BR>Please advise what the best way to do this is.. I really want to get it right with this project.<BR><BR>Thanks fellas

  2. #2
    Jason Buck Guest

    Default RE: Jeff

    There are numerous ways to do this then, depending on how secure you want your site to be.<BR><BR>Have the signup page post information to a database.<BR><BR>Then when the user logins in to your site, you can set a cookie on their machine only if they are in the database otherwise you redirect them to a signup page.<BR><BR>When a user logs in to your site you can set a cookie on there machine that expires in a day, week, month or year. If the cookie is present, let them in, if not redirect them to a login page.<BR><BR>Another way is to set a session variable to the logged in user.<BR>When the user comes to your site and logs in, set a session for that user. On the top of each page you want secured, check for the session, if it is present, then allow them to view the page, if the session is not present, then redirect them to the login page.<BR><BR>You should really check out for the Authentix product. It is a great product that allows you to create a database and or cookie based authentication.<BR><BR>I hope that this helps. If not feel free to contact me.<BR><BR>Respectfully,<BR><BR>Jason Buck<BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts