Log in and security with classic asp

"Jan T." <My********************@hotmail.comwrote in message
news:OK**************@TK2MSFTNGP02.phx.gbl...

>I wonder if anybody know a web site that has a good tutorial on this
subject.

What I want to do, is make a log in Page, and make sure that all my
pages is validating that the user is loged in until he or she logs out.

May be someone would like to give an example in this news group too?
Thank you for any help!

BTW, I am using Access 2000 and classic ASP.

You should be able to find enough help here:
http://msconline.maconstate.edu/tuto...SP/default.htm

Look specifically at the Database Access section (use the OleDb Provider)
and the Using Session Variables chapter.

--
Mike Brind
MVP - ASP/ASP.NET

Thank you very much. I have been reading most of it by now, but are still
wondering
if the system is safe enough? What I mean is, will it be enough to just
check the session
variable to verify that it is a valid user?

I am a newbie with asp, so in such times as now, I am interested to know
what the
chances are for unauthorized to get in where it should only be for loged in
persons.
And the best way to stop unauthorized to get in.

Thank you for any help or suggestions.

Regards
Jan


"Mike Brind [MVP]" <pa*******@hotmail.comskrev i melding
news:e3**************@TK2MSFTNGP02.phx.gbl...

>
"Jan T." <My********************@hotmail.comwrote in message
news:OK**************@TK2MSFTNGP02.phx.gbl...

>>I wonder if anybody know a web site that has a good tutorial on this
subject.

What I want to do, is make a log in Page, and make sure that all my
pages is validating that the user is loged in until he or she logs out.

May be someone would like to give an example in this news group too?
Thank you for any help!

BTW, I am using Access 2000 and classic ASP.

You should be able to find enough help here:
http://msconline.maconstate.edu/tuto...SP/default.htm

Look specifically at the Database Access section (use the OleDb Provider)
and the Using Session Variables chapter.

--
Mike Brind
MVP - ASP/ASP.NET

Yes - checking the session variable is enough. That is the defacto method
for authentication.

On a bit of a side note, you mention that you are new to ASP. I have no
idea what the circumstances are that led you to beginning with ASP, but if
you have a choice in the technology you can learn, you might want to
consider ASP.NET (which is Microsoft's replacement for "classic ASP"). More
can be found at www.asp.net/learn

--
Mike Brind
MVP - ASP/ASP.NET

"Jan T." <My********************@hotmail.comwrote in message
news:u6**************@TK2MSFTNGP03.phx.gbl...

Thank you very much. I have been reading most of it by now, but are still
wondering
if the system is safe enough? What I mean is, will it be enough to just
check the session
variable to verify that it is a valid user?

I am a newbie with asp, so in such times as now, I am interested to know
what the
chances are for unauthorized to get in where it should only be for loged
in persons.
And the best way to stop unauthorized to get in.

Thank you for any help or suggestions.

Regards
Jan


"Mike Brind [MVP]" <pa*******@hotmail.comskrev i melding
news:e3**************@TK2MSFTNGP02.phx.gbl...

>>
"Jan T." <My********************@hotmail.comwrote in message
news:OK**************@TK2MSFTNGP02.phx.gbl...

>>>I wonder if anybody know a web site that has a good tutorial on this
subject.

What I want to do, is make a log in Page, and make sure that all my
pages is validating that the user is loged in until he or she logs out.

May be someone would like to give an example in this news group too?
Thank you for any help!

BTW, I am using Access 2000 and classic ASP.

You should be able to find enough help here:
http://msconline.maconstate.edu/tuto...SP/default.htm

Look specifically at the Database Access section (use the OleDb Provider)
and the Using Session Variables chapter.

--
Mike Brind
MVP - ASP/ASP.NET

Well, I know vbscript and have tried to make a few sample asp applications,
like
a telephone cataloge an so on. I know a little Java but are unfamiliar to
C#.
In am experienced in vba, so I figured that classic asp was the easiest way?

However, after having watch the first video, I am exited and I might just
watch some
more before desiding. I really liked what I saw. So thank you for a good
tip!!

Regards
Jan

"Mike Brind [MVP]" <pa*******@hotmail.comskrev i melding
news:OX**************@TK2MSFTNGP02.phx.gbl...

Yes - checking the session variable is enough. That is the defacto method
for authentication.

On a bit of a side note, you mention that you are new to ASP. I have no
idea what the circumstances are that led you to beginning with ASP, but if
you have a choice in the technology you can learn, you might want to
consider ASP.NET (which is Microsoft's replacement for "classic ASP").
More can be found at www.asp.net/learn

--
Mike Brind
MVP - ASP/ASP.NET

"Jan T." <My********************@hotmail.comwrote in message
news:u6**************@TK2MSFTNGP03.phx.gbl...

>Thank you very much. I have been reading most of it by now, but are still
wondering
if the system is safe enough? What I mean is, will it be enough to just
check the session
variable to verify that it is a valid user?

I am a newbie with asp, so in such times as now, I am interested to know
what the
chances are for unauthorized to get in where it should only be for loged
in persons.
And the best way to stop unauthorized to get in.

Thank you for any help or suggestions.

Regards
Jan


"Mike Brind [MVP]" <pa*******@hotmail.comskrev i melding
news:e3**************@TK2MSFTNGP02.phx.gbl...

>>>
"Jan T." <My********************@hotmail.comwrote in message
news:OK**************@TK2MSFTNGP02.phx.gbl...
I wonder if anybody know a web site that has a good tutorial on this
subject.

What I want to do, is make a log in Page, and make sure that all my
pages is validating that the user is loged in until he or she logs out.

May be someone would like to give an example in this news group too?
Thank you for any help!

BTW, I am using Access 2000 and classic ASP.
You should be able to find enough help here:
http://msconline.maconstate.edu/tuto...SP/default.htm

Look specifically at the Database Access section (use the OleDb
Provider) and the Using Session Variables chapter.

--
Mike Brind
MVP - ASP/ASP.NET

"Mike Brind [MVP]" <pa*******@hotmail.comwrote in message
news:OX**************@TK2MSFTNGP02.phx.gbl...

Yes - checking the session variable is enough. That is the defacto method
for authentication.

On a bit of a side note, you mention that you are new to ASP. I have no
idea what the circumstances are that led you to beginning with ASP, but if
you have a choice in the technology you can learn, you might want to
consider ASP.NET (which is Microsoft's replacement for "classic ASP").
More can be found at www.asp.net/learn

Hi, Mike

(As a little "testimonial" if you will) Not being a real developer I am sort
of in a constant state of being "new" to ASP, most of my ASP stuff at work
is just sort of side-projects and not part of my real job,...but there is no
one else around here to do those, so there I am. I chose ASP Classic
originally because ASP.Net had not come out yet,..but I have stayed with
Classic because you don't have to buy anything,...you can just use Notepad
to write it if you want to,...I couldn't afford the .Net Suite. I've been
told you can do ASP.Net with Notepad,..but if it is as hard as it is with
the Suite, it can't be "easier" with Notepad. Since then I have the Suite
via an MSDN Subscritpion when I was an MVP, but that is getting about 2
years old now (not an MVP now). I worked a little with ASP.Net but found it
a whole lot harder to deal with and even the simplest things seem overly
complex. Then the database access in the Suite is so heavily geared towards
the SQL Express that is packaged with it that it became a complete mess to
try to do anything with Access MDB files that I always use. SQL Express (or
Full) just is not an option in most of my situations.

So I will probably use ASP Classic for as long as IIS supports it,..and when
it no longer supports it I will probably not do anything at all any longer.
Then I'll just tell people,.."Don't look at me,...I'm not a developer". :-)

I do get tempted to "piddle" with the Suite from time to time (both VB.Net
and ASP.net) but I don't see it ever becomming more than than. I don't
currently have the Suite loaded on anything, but if I do it will probably be
in a an XP virtual machine (Virtual PC) because the suite is so huge and
intrusive that I don't want it on my machine I use all the time.

Anyway, that is my little story. I don't post much in this group since my
ASP skills aren't that high, but I like reading the answers people get and
try to learn from them. My main area is the Networking Groups with a
particular forcus on MS ISA Server (former ISA MVP).

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

"Phillip Windell" <ph*********@hotmail.comwrote in message
news:el**************@TK2MSFTNGP02.phx.gbl...

"Mike Brind [MVP]" <pa*******@hotmail.comwrote in message
news:OX**************@TK2MSFTNGP02.phx.gbl...

>Yes - checking the session variable is enough. That is the defacto
method for authentication.

On a bit of a side note, you mention that you are new to ASP. I have no
idea what the circumstances are that led you to beginning with ASP, but
if you have a choice in the technology you can learn, you might want to
consider ASP.NET (which is Microsoft's replacement for "classic ASP").
More can be found at www.asp.net/learn

Hi, Mike

(As a little "testimonial" if you will) Not being a real developer I am
sort of in a constant state of being "new" to ASP, most of my ASP stuff at
work is just sort of side-projects and not part of my real job,...but
there is no one else around here to do those, so there I am. I chose ASP
Classic originally because ASP.Net had not come out yet,..but I have
stayed with Classic because you don't have to buy anything,...you can just
use Notepad to write it if you want to,...I couldn't afford the .Net
Suite. I've been told you can do ASP.Net with Notepad,..but if it is as
hard as it is with the Suite, it can't be "easier" with Notepad. Since
then I have the Suite via an MSDN Subscritpion when I was an MVP, but that
is getting about 2 years old now (not an MVP now). I worked a little with
ASP.Net but found it a whole lot harder to deal with and even the simplest
things seem overly complex. Then the database access in the Suite is so
heavily geared towards the SQL Express that is packaged with it that it
became a complete mess to try to do anything with Access MDB files that I
always use. SQL Express (or Full) just is not an option in most of my
situations.

So I will probably use ASP Classic for as long as IIS supports it,..and
when it no longer supports it I will probably not do anything at all any
longer. Then I'll just tell people,.."Don't look at me,...I'm not a
developer". :-)

I do get tempted to "piddle" with the Suite from time to time (both VB.Net
and ASP.net) but I don't see it ever becomming more than than. I don't
currently have the Suite loaded on anything, but if I do it will probably
be in a an XP virtual machine (Virtual PC) because the suite is so huge
and intrusive that I don't want it on my machine I use all the time.

Anyway, that is my little story. I don't post much in this group since my
ASP skills aren't that high, but I like reading the answers people get and
try to learn from them. My main area is the Networking Groups with a
particular forcus on MS ISA Server (former ISA MVP).

Circumstances drove me to learn classic ASP, although ASP.NET was in v1.0 at
the time. I looked at 1.1 and even bought VS2003, but just couldn't get on
with it. When v2.0 came out, I downloaded the free Visual Web Developer,
and had another look at ASP.NET, and got hooked. The (then) new Access- and
SqlDataSource controls made things dead simple (although I use the
ObjectDataSource now). I'm totally self-taught. Well, that's not strictly
true - I got loads of free lessons from people like Bob Barrows, Aaron
Bertrand, Anthony Jones, Dave Anderson and other regular contributors here.
But the point is, if I can do it, then anyone with the will can do it.

Microsoft (understandably) would prefer people to use SQL Server (Express),
so they don't offer anything really in terms of help with using Access.
I've tried to address that on my little site, and posted some items on the
most common problems that people using Access with ASP.NET experience,
although I haven't used Access myself for a couple of years in anger.

Visual Web Developer is completely free, and its footprint is about a third
that of Team Suite (from memory). Might be worth a look...

--
Mike Brind
MVP - ASP/ASP.NET

"Mike Brind [MVP]" <pa*******@hotmail.comwrote in message
news:ek**************@TK2MSFTNGP05.phx.gbl...

>
Circumstances drove me to learn classic ASP, although ASP.NET was in v1.0
at the time. I looked at 1.1 and even bought VS2003, but just couldn't
get on with it. When v2.0 came out, I downloaded the free Visual Web
Developer, and had another look at ASP.NET, and got hooked. The (then)
new Access- and SqlDataSource controls made things dead simple (although I
use the ObjectDataSource now). I'm totally self-taught. Well, that's not
strictly true - I got loads of free lessons from people like Bob Barrows,
Aaron Bertrand, Anthony Jones, Dave Anderson and other regular
contributors here.

Yep familar names :-) Although I haven't seen Aarons Bertand's name around
much anymore. I had breakfast with Bob Barrows one morning at one of the
previous MVP Summits, but I don't know if he remembers me. Curt Christianson
may have been at the table too, but its all getting a little fuzzy now. I
have not been in the MVP program for about a year and a half now.

Visual Web Developer is completely free, and its footprint is about a
third that of Team Suite (from memory). Might be worth a look...

Yea, I may have to check that out. Especially if they have improved things
with more/better data access controls.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

Phillip Windell wrote:

"Mike Brind [MVP]" <pa*******@hotmail.comwrote in message
news:ek**************@TK2MSFTNGP05.phx.gbl...

Yep familar names :-) Although I haven't seen Aarons Bertand's name
around much anymore. I had breakfast with Bob Barrows one morning at
one of the previous MVP Summits, but I don't know if he remembers me.
Curt Christianson may have been at the table too, but its all getting
a little fuzzy now. I have not been in the MVP program for about a
year and a half now.

Your memory is fine, i would say :-)
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

"Mike Brind [MVP]" wrote:

Visual Web Developer is completely free, and its footprint is about
a third that of Team Suite (from memory). Might be worth a look...

Unless things have changed from the last time I used it, Visual Web
Developer 2008 has dropped support (Intellisense, code formatting, etc.) for
classic ASP. This is a real shame, because VWB 2005 was a great IDE for
classic ASP work. The full Visual Studio 2008 seems to have no such
problems.

--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.

"Dave Anderson" <AF**********@spammotel.comwrote in message
news:%2***************@TK2MSFTNGP02.phx.gbl...

"Mike Brind [MVP]" wrote:

>Visual Web Developer is completely free, and its footprint is about
a third that of Team Suite (from memory). Might be worth a look...

Unless things have changed from the last time I used it, Visual Web
Developer 2008 has dropped support (Intellisense, code formatting, etc.)
for classic ASP. This is a real shame, because VWB 2005 was a great IDE
for classic ASP work. The full Visual Studio 2008 seems to have no such
problems.

I must confess that I haven't used VWD for a while, and found to my surprise
when trying to check how large it was for Phillip that it has gone from my
current machine. I must have removed it for some reason... If what you
recall is true, I agree that its a shame. However, for a beginner in
ASP.NET, VWD is a remarkably powerful tool, especially considering it costs
nothing.

--
Mike Brind
MVP - ASP/ASP.NET

"Mike Brind [MVP]" wrote:

If what you recall is true, I agree that its a shame. However, for
a beginner in ASP.NET, VWD is a remarkably powerful tool, especially
considering it costs nothing.

Oh, I certainly did not mean to imply otherwise. I agree completely.

--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.