I am just playing with authentication, and I have set it up so it checks username and password . then creates a session. When you go to the protected page, it checks if the session is 0 or 1. I have a logout page, that has Session.Abandon in it, then redirects to another page. If I go up to the URL and type in the protected page, it accesses it. I viewed the session, and it was still set to 1. However, when I refresh the page, i am brought back to the login page. What is happening?
Customer wants users to authenticate based on where they came from. They have several locations that the users will be coming from. They don't want anyone to be able to access their website from anywhere other than these locations. The locations ip addresses will be changing regularly. Is there a way to have a page on the INTRANET internally that the users will go to and it will start a session or place a cookie and pass them to the website. The website then looks for that session or cookie and lets them in or denies them based on the session or cookie. The sites that they will be coming from are ASP and .NET servers and it encrypts the URL that it is coming from. The website it is going to is on a PHP server and is built on PHP and MySQL. I have asked this in like every forum on the internet I can find and no one seems to have a solution.
We are planning to set-up a load balanced web environment. Accordingly, we are going to change the session management on our website from the classic ASP Session State and session variables, to a database method.
Does any one have any pointers as to how I might approach this, so that I can have the same sort of functionality the ASP sessions give without having to create database columns for each session variable I wish to create. I am thinking along the lines of some serialised dictionary or something that I can stick in a blob column.
I was wanting to know if you could have a function within a session?Example: Code:
<% Session("Message") = MyFunction() %>
Is that possible? Ok, maybe not "is it possible" but can you use the session message to dictate where the function outputs its data? Here's why I'm asking. I have an online testing app that when a person selects the wrong answer the correct answer (along with a bunch of other stuff) will be displayed on the page. I'm getting it to display the correct answer and the other information, but the correct answer is at the top of the page screwing up my layout and the other information is doing what it should.
I am using ServerXmlHttp in a client-side component to basically talk back to the Server within a webpage. I would like to be able to cache some information on the server so that when I callback, I do not have to reconstitue everything that I did for the intial request. However, the Sessions are different.
Is there a way to get the ServerXmlHttp session to impersonate the IE client session? Code:
can any one tell me how to use sessions in asp for 2different users please?Is it straight forward? Never used them before, a friend said it is worth doing
I've just created a simple form that writes information to an Access database using ASP. Everything works fine. My question is, would there be any reason to use the session object other than for tracking purposes.
Specifically, does a session have any inportance on multiple users accessing pages and submitting the form inforamtion to the database. I was curious about errors to the database with multiple users submitting at the same time to the database. This is a small scale application and not expected to have large number of hits. As stated I'm new to using ASP and just wanted to get some input.
I have used SESSIONS on mission critical pages on my site, and if sessions are not enabled / supoorted - these pages will fail. When and why would a session fail? They do not store any info client side,and rely on the server to store session objects in memory, am I correct? Would security settings or privacy controls ever stop sessions working? Which "popular" browsers dont support sessions?
I don't know how to do anything with session and I don't need anything complicated at all. All i need it to do is like create a session when they login sucessfully. And like I want to add on every page if they don't have a session id and the correct access priveleges or watever to redirect them to the login page.how would i do that?
I've had a look around the site but can't find exactly what i'm looking for.I'm writing a small ticket booking engine in asp and am wondering about sessions.Do I need them ? and what is involved in adding them to my code?
a user logs into a website (im using acess for the database, asp for the pages), they are then in a members only area. They should have the ability to view their own personal details and change them if they wish. this should be updated in the database.
the problem is im not sure how to go about it. i seen sessions mentioned in tutorials but im still ,well, lost basically.
I've got two different sets of ASP scripts on my server. Each set is kept in their own directory. Both sets of scripts use sessions. I want to make sure that the sessions are not accidentially shared between the two sets as they are both different applications.
Right now I'm having a problem when I do a Session.Abandon from one set of scripts it also kills the session for the other set of scripts (I believe they are both using the exact same session). Is there some way I can make sure this doesn't happen?
I have a database add/view/edit/delete page, and you can only get to it by logging in at login.htm (where it checks username & pw and redirects you to the a/v/e/d page.) But if you know the 'Control Panel' address.
you can just type it in and get full access. I figured I must have to check everytime to make sure they logged in. what would be the best way to do this?
I had a contact form set up using CDONTS.NewMail and it worked fine for about two years. I just went in and changed the object to CDO.Message, and adjusted a few of the properties, and while the e-mailing portion of the code still works, none of the session variables on the page work any longer.
I had both the form validation and the message on the "thank you" page set using sessions from the page with the CDO code, but for some reason using CDO cancels the sessions so that Thank You page is blank and the form validation no longer announces which fields need to be completed.
i want users to login to my web application using SQL authentication i.e whenever the page opens, it should display the SQL server login window. i know Login feature is in dreamweaver MX that i use, but unathurized users can lookup the password in your database.
Is it possible to authenticate a user who is trying to access a certain Div on a page??? I know how to authenticate a user accessing a standard ASP page, but is this possible with a Div!
I have a page that authenticates users by reading Request.ServerVariables("AUTH_USER") and Request.ServerVariables("AUTH_TYPE"). When users try to access this page from windows NT/2000, it works fine (prompts them for their credentials when they're not on the same domain, and then lets them in). Now, some of the users got XP boxes, and can't get in to the page. It prompts them for their credentials but when they enter them, just keeps prompting them. The credentials they are entering are correct. What is different on XP that is causing this problem and is there any setting I can modify on the server side to prevent this from happening.
I have an asp page on IIS 5.0 and I''m trying to get a dialog box to pop up and ask for username password and domain to authenticate against NT. I have anonymous logins unchecked in the IIS properties page and access restricted on everything but it won''t ask for a username and password no matter what
I had to transfer an ASP Web Application (developed by another person) to a different web server. It seems to work but not completely.
I have some problems with authentication: it is based on a username and a password stored in a SQL Server's table. These data are requested via basic authentication (not a IIS level but I think it is used to create the authentication window in which put username and password). The problem is that it doesn't accept username and password and, after three times, it redirect me to a page telling "You don't have rights to see this page". What could I do? .....
I have no problems authenticating via AD and an ASP page. My question is this - is there any way to 'reverse' the process?
What I mean is the authenticated state remains as long as the browser window is open. Is there any .asp command I can provide that will revert the browser session back to IUSR?
I have an intranet asp application that sends emails that contain a link to an intranet page.I have a case where one user is forced to login to the windows domain when he clicks on the link,even though he is within the firewall & his Outlook security settings specify automatic login with the current name & password.
This doesn't happen with any other users unless they go through the firewall.The site is also recorded in the trusted sites section.