Hi all,

I would like to do sth like this:
when clicking a page, it show you do not have the authorize to view the
page,
but after login, it is ok to view the contain.

Could anyone give me a example or link, I do not have the ideas..
Thanks in advance.

You could simply disable anonymous access and make your users log in with
Windows accounts on the server. If they do not authenticate, they'll get
just what you said, "You are not authorized..."
http://www.iisfaq.com/?View=A26

Ray at work


"Marine Red" <marine@red.com> wrote in message
news:401faac2$1_2@rain.i-cable.com...[color=blue]
> Hi all,
>
> I would like to do sth like this:
> when clicking a page, it show you do not have the authorize to view the
> page,
> but after login, it is ok to view the contain.
>
> Could anyone give me a example or link, I do not have the ideas..
> Thanks in advance.
>
>
>[/color]

"Ray at <%=sLocation%> [MVP]" <myfirstname at lane34 dot com> wrote in
message news:u8EhK$l6DHA.3288@TK2MSFTNGP11.phx.gbl...[color=blue]
> You could simply disable anonymous access and make your users log in with
> Windows accounts on the server. If they do not authenticate, they'll get
> just what you said, "You are not authorized..."
> http://www.iisfaq.com/?View=A26
>
> Ray at work[/color]

But in the event that you don't have access to Windows accounts, you can
bake your own authentication. See this article for details:
http://www.aspfaq.com/show.asp?id=2114

Regards,
Peter Foti

Question...

Exactly how secure is the session("auth") = true method of
document security. I use it in a number of applications
but was wondering what level of security I am actually
applying. Can session variables be 'faked'?

Thanks.

[color=blue]
>-----Original Message-----
>"Ray at <%=sLocation%> [MVP]" <myfirstname at lane34 dot[/color]
com> wrote in[color=blue]
>message news:u8EhK$l6DHA.3288@TK2MSFTNGP11.phx.gbl...[color=green]
>> You could simply disable anonymous access and make your[/color][/color]
users log in with[color=blue][color=green]
>> Windows accounts on the server. If they do not[/color][/color]
authenticate, they'll get[color=blue][color=green]
>> just what you said, "You are not authorized..."
>> http://www.iisfaq.com/?View=A26
>>
>> Ray at work[/color]
>
>But in the event that you don't have access to Windows[/color]
accounts, you can[color=blue]
>bake your own authentication. See this article for[/color]
details:[color=blue]
>http://www.aspfaq.com/show.asp?id=2114
>
>Regards,
>Peter Foti
>
>
>.
>[/color]

Great thanks both, the problem has solved.



"Peter Foti" <peter@Idontwantnostinkingemailfromyou.com> ¦b¶l¥ó
news:101vfummitesv39@corp.supernews.com ¤¤¼¶¼g...[color=blue]
> "Ray at <%=sLocation%> [MVP]" <myfirstname at lane34 dot com> wrote in
> message news:u8EhK$l6DHA.3288@TK2MSFTNGP11.phx.gbl...[color=green]
> > You could simply disable anonymous access and make your users log in[/color][/color]
with[color=blue][color=green]
> > Windows accounts on the server. If they do not authenticate, they'll[/color][/color]
get[color=blue][color=green]
> > just what you said, "You are not authorized..."
> > http://www.iisfaq.com/?View=A26
> >
> > Ray at work[/color]
>
> But in the event that you don't have access to Windows accounts, you can
> bake your own authentication. See this article for details:
> http://www.aspfaq.com/show.asp?id=2114
>
> Regards,
> Peter Foti
>
>[/color]