Results 1 to 2 of 2

Thread: Authentication

  1. #1
    Join Date
    Dec 1969

    Default Authentication

    I&#039;m looking to lock down an mdb file on an NT4 server running IIS 4. I want certain people to be able to update the database, others just to read it. I set NTFS permissions, no access to the IUSER anonymous account, gave 2 domain users full access, myself read access. In IIS, I enabled NT Challenge/Response and disabled anonymous access. When I open the site, it prompts me for a username/password, after which it lets me in. However, I can change the contents of the database, even though I&#039;m only supposed to have read access.<BR>I suppose I could do something with:<BR>if not (request.server(auth_user)="firstuser" or request.server(auth_user)="seconduser") then<BR>response.redirect("accessdenied.asp")<BR>a nd put that code at the top of the submission page, but I was hoping there&#039;d be a better way. I thought NT and IIS would be able to handle this.<BR>Silly me.

  2. #2
    Join Date
    Dec 1969

    Default RE: Authentication

    if not (request.server(auth_user)="firstuser" or request.server(auth_user)="seconduser") then<BR>response.redirect("accessdenied.asp")<BR>< BR><BR>if this is what u typed than it willnot work.check the syntax.<BR>it is <BR><BR>request.servervariables("auth_user")

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts