Log in and security with classic asp

Discussion in 'ASP General' started by Jan T., Sep 9, 2008.

  1. Jan T.

    Jan T. Guest

    I wonder if anybody know a web site that has a good tutorial on this
    subject.

    What I want to do, is make a log in Page, and make sure that all my
    pages is validating that the user is loged in until he or she logs out.

    May be someone would like to give an example in this news group too?
    Thank you for any help!

    BTW, I am using Access 2000 and classic ASP.

    Regards
    Jan
     
    Jan T., Sep 9, 2008
    #1
    1. Advertising

  2. "Jan T." <> wrote in message
    news:...
    >I wonder if anybody know a web site that has a good tutorial on this
    >subject.
    >
    > What I want to do, is make a log in Page, and make sure that all my
    > pages is validating that the user is loged in until he or she logs out.
    >
    > May be someone would like to give an example in this news group too?
    > Thank you for any help!
    >
    > BTW, I am using Access 2000 and classic ASP.
    >


    You should be able to find enough help here:
    http://msconline.maconstate.edu/tutorials/ASP/default.htm

    Look specifically at the Database Access section (use the OleDb Provider)
    and the Using Session Variables chapter.

    --
    Mike Brind
    MVP - ASP/ASP.NET
     
    Mike Brind [MVP], Sep 9, 2008
    #2
    1. Advertising

  3. Jan T.

    Jan T. Guest

    Thank you very much. I have been reading most of it by now, but are still
    wondering
    if the system is safe enough? What I mean is, will it be enough to just
    check the session
    variable to verify that it is a valid user?

    I am a newbie with asp, so in such times as now, I am interested to know
    what the
    chances are for unauthorized to get in where it should only be for loged in
    persons.
    And the best way to stop unauthorized to get in.

    Thank you for any help or suggestions.

    Regards
    Jan




    "Mike Brind [MVP]" <> skrev i melding
    news:...
    >
    > "Jan T." <> wrote in message
    > news:...
    >>I wonder if anybody know a web site that has a good tutorial on this
    >>subject.
    >>
    >> What I want to do, is make a log in Page, and make sure that all my
    >> pages is validating that the user is loged in until he or she logs out.
    >>
    >> May be someone would like to give an example in this news group too?
    >> Thank you for any help!
    >>
    >> BTW, I am using Access 2000 and classic ASP.
    >>

    >
    > You should be able to find enough help here:
    > http://msconline.maconstate.edu/tutorials/ASP/default.htm
    >
    > Look specifically at the Database Access section (use the OleDb Provider)
    > and the Using Session Variables chapter.
    >
    > --
    > Mike Brind
    > MVP - ASP/ASP.NET
    >
     
    Jan T., Sep 13, 2008
    #3
  4. Yes - checking the session variable is enough. That is the defacto method
    for authentication.

    On a bit of a side note, you mention that you are new to ASP. I have no
    idea what the circumstances are that led you to beginning with ASP, but if
    you have a choice in the technology you can learn, you might want to
    consider ASP.NET (which is Microsoft's replacement for "classic ASP"). More
    can be found at www.asp.net/learn

    --
    Mike Brind
    MVP - ASP/ASP.NET

    "Jan T." <> wrote in message
    news:...
    > Thank you very much. I have been reading most of it by now, but are still
    > wondering
    > if the system is safe enough? What I mean is, will it be enough to just
    > check the session
    > variable to verify that it is a valid user?
    >
    > I am a newbie with asp, so in such times as now, I am interested to know
    > what the
    > chances are for unauthorized to get in where it should only be for loged
    > in persons.
    > And the best way to stop unauthorized to get in.
    >
    > Thank you for any help or suggestions.
    >
    > Regards
    > Jan
    >
    >
    >
    >
    > "Mike Brind [MVP]" <> skrev i melding
    > news:...
    >>
    >> "Jan T." <> wrote in message
    >> news:...
    >>>I wonder if anybody know a web site that has a good tutorial on this
    >>>subject.
    >>>
    >>> What I want to do, is make a log in Page, and make sure that all my
    >>> pages is validating that the user is loged in until he or she logs out.
    >>>
    >>> May be someone would like to give an example in this news group too?
    >>> Thank you for any help!
    >>>
    >>> BTW, I am using Access 2000 and classic ASP.
    >>>

    >>
    >> You should be able to find enough help here:
    >> http://msconline.maconstate.edu/tutorials/ASP/default.htm
    >>
    >> Look specifically at the Database Access section (use the OleDb Provider)
    >> and the Using Session Variables chapter.
    >>
    >> --
    >> Mike Brind
    >> MVP - ASP/ASP.NET
    >>

    >
    >
     
    Mike Brind [MVP], Sep 14, 2008
    #4
  5. Jan T.

    Jan T. Guest

    Well, I know vbscript and have tried to make a few sample asp applications,
    like
    a telephone cataloge an so on. I know a little Java but are unfamiliar to
    C#.
    In am experienced in vba, so I figured that classic asp was the easiest way?

    However, after having watch the first video, I am exited and I might just
    watch some
    more before desiding. I really liked what I saw. So thank you for a good
    tip!!

    Regards
    Jan



    "Mike Brind [MVP]" <> skrev i melding
    news:...
    > Yes - checking the session variable is enough. That is the defacto method
    > for authentication.
    >
    > On a bit of a side note, you mention that you are new to ASP. I have no
    > idea what the circumstances are that led you to beginning with ASP, but if
    > you have a choice in the technology you can learn, you might want to
    > consider ASP.NET (which is Microsoft's replacement for "classic ASP").
    > More can be found at www.asp.net/learn
    >
    > --
    > Mike Brind
    > MVP - ASP/ASP.NET
    >
    > "Jan T." <> wrote in message
    > news:...
    >> Thank you very much. I have been reading most of it by now, but are still
    >> wondering
    >> if the system is safe enough? What I mean is, will it be enough to just
    >> check the session
    >> variable to verify that it is a valid user?
    >>
    >> I am a newbie with asp, so in such times as now, I am interested to know
    >> what the
    >> chances are for unauthorized to get in where it should only be for loged
    >> in persons.
    >> And the best way to stop unauthorized to get in.
    >>
    >> Thank you for any help or suggestions.
    >>
    >> Regards
    >> Jan
    >>
    >>
    >>
    >>
    >> "Mike Brind [MVP]" <> skrev i melding
    >> news:...
    >>>
    >>> "Jan T." <> wrote in message
    >>> news:...
    >>>>I wonder if anybody know a web site that has a good tutorial on this
    >>>>subject.
    >>>>
    >>>> What I want to do, is make a log in Page, and make sure that all my
    >>>> pages is validating that the user is loged in until he or she logs out.
    >>>>
    >>>> May be someone would like to give an example in this news group too?
    >>>> Thank you for any help!
    >>>>
    >>>> BTW, I am using Access 2000 and classic ASP.
    >>>>
    >>>
    >>> You should be able to find enough help here:
    >>> http://msconline.maconstate.edu/tutorials/ASP/default.htm
    >>>
    >>> Look specifically at the Database Access section (use the OleDb
    >>> Provider) and the Using Session Variables chapter.
    >>>
    >>> --
    >>> Mike Brind
    >>> MVP - ASP/ASP.NET
    >>>

    >>
    >>

    >
    >
     
    Jan T., Sep 16, 2008
    #5
  6. "Mike Brind [MVP]" <> wrote in message
    news:...
    > Yes - checking the session variable is enough. That is the defacto method
    > for authentication.
    >
    > On a bit of a side note, you mention that you are new to ASP. I have no
    > idea what the circumstances are that led you to beginning with ASP, but if
    > you have a choice in the technology you can learn, you might want to
    > consider ASP.NET (which is Microsoft's replacement for "classic ASP").
    > More can be found at www.asp.net/learn


    Hi, Mike

    (As a little "testimonial" if you will) Not being a real developer I am sort
    of in a constant state of being "new" to ASP, most of my ASP stuff at work
    is just sort of side-projects and not part of my real job,...but there is no
    one else around here to do those, so there I am. I chose ASP Classic
    originally because ASP.Net had not come out yet,..but I have stayed with
    Classic because you don't have to buy anything,...you can just use Notepad
    to write it if you want to,...I couldn't afford the .Net Suite. I've been
    told you can do ASP.Net with Notepad,..but if it is as hard as it is with
    the Suite, it can't be "easier" with Notepad. Since then I have the Suite
    via an MSDN Subscritpion when I was an MVP, but that is getting about 2
    years old now (not an MVP now). I worked a little with ASP.Net but found it
    a whole lot harder to deal with and even the simplest things seem overly
    complex. Then the database access in the Suite is so heavily geared towards
    the SQL Express that is packaged with it that it became a complete mess to
    try to do anything with Access MDB files that I always use. SQL Express (or
    Full) just is not an option in most of my situations.

    So I will probably use ASP Classic for as long as IIS supports it,..and when
    it no longer supports it I will probably not do anything at all any longer.
    Then I'll just tell people,.."Don't look at me,...I'm not a developer". :)

    I do get tempted to "piddle" with the Suite from time to time (both VB.Net
    and ASP.net) but I don't see it ever becomming more than than. I don't
    currently have the Suite loaded on anything, but if I do it will probably be
    in a an XP virtual machine (Virtual PC) because the suite is so huge and
    intrusive that I don't want it on my machine I use all the time.

    Anyway, that is my little story. I don't post much in this group since my
    ASP skills aren't that high, but I like reading the answers people get and
    try to learn from them. My main area is the Networking Groups with a
    particular forcus on MS ISA Server (former ISA MVP).

    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Sep 17, 2008
    #6
  7. "Phillip Windell" <> wrote in message
    news:...
    > "Mike Brind [MVP]" <> wrote in message
    > news:...
    >> Yes - checking the session variable is enough. That is the defacto
    >> method for authentication.
    >>
    >> On a bit of a side note, you mention that you are new to ASP. I have no
    >> idea what the circumstances are that led you to beginning with ASP, but
    >> if you have a choice in the technology you can learn, you might want to
    >> consider ASP.NET (which is Microsoft's replacement for "classic ASP").
    >> More can be found at www.asp.net/learn

    >
    > Hi, Mike
    >
    > (As a little "testimonial" if you will) Not being a real developer I am
    > sort of in a constant state of being "new" to ASP, most of my ASP stuff at
    > work is just sort of side-projects and not part of my real job,...but
    > there is no one else around here to do those, so there I am. I chose ASP
    > Classic originally because ASP.Net had not come out yet,..but I have
    > stayed with Classic because you don't have to buy anything,...you can just
    > use Notepad to write it if you want to,...I couldn't afford the .Net
    > Suite. I've been told you can do ASP.Net with Notepad,..but if it is as
    > hard as it is with the Suite, it can't be "easier" with Notepad. Since
    > then I have the Suite via an MSDN Subscritpion when I was an MVP, but that
    > is getting about 2 years old now (not an MVP now). I worked a little with
    > ASP.Net but found it a whole lot harder to deal with and even the simplest
    > things seem overly complex. Then the database access in the Suite is so
    > heavily geared towards the SQL Express that is packaged with it that it
    > became a complete mess to try to do anything with Access MDB files that I
    > always use. SQL Express (or Full) just is not an option in most of my
    > situations.
    >
    > So I will probably use ASP Classic for as long as IIS supports it,..and
    > when it no longer supports it I will probably not do anything at all any
    > longer. Then I'll just tell people,.."Don't look at me,...I'm not a
    > developer". :)
    >
    > I do get tempted to "piddle" with the Suite from time to time (both VB.Net
    > and ASP.net) but I don't see it ever becomming more than than. I don't
    > currently have the Suite loaded on anything, but if I do it will probably
    > be in a an XP virtual machine (Virtual PC) because the suite is so huge
    > and intrusive that I don't want it on my machine I use all the time.
    >
    > Anyway, that is my little story. I don't post much in this group since my
    > ASP skills aren't that high, but I like reading the answers people get and
    > try to learn from them. My main area is the Networking Groups with a
    > particular forcus on MS ISA Server (former ISA MVP).
    >


    Circumstances drove me to learn classic ASP, although ASP.NET was in v1.0 at
    the time. I looked at 1.1 and even bought VS2003, but just couldn't get on
    with it. When v2.0 came out, I downloaded the free Visual Web Developer,
    and had another look at ASP.NET, and got hooked. The (then) new Access- and
    SqlDataSource controls made things dead simple (although I use the
    ObjectDataSource now). I'm totally self-taught. Well, that's not strictly
    true - I got loads of free lessons from people like Bob Barrows, Aaron
    Bertrand, Anthony Jones, Dave Anderson and other regular contributors here.
    But the point is, if I can do it, then anyone with the will can do it.

    Microsoft (understandably) would prefer people to use SQL Server (Express),
    so they don't offer anything really in terms of help with using Access.
    I've tried to address that on my little site, and posted some items on the
    most common problems that people using Access with ASP.NET experience,
    although I haven't used Access myself for a couple of years in anger.

    Visual Web Developer is completely free, and its footprint is about a third
    that of Team Suite (from memory). Might be worth a look...

    --
    Mike Brind
    MVP - ASP/ASP.NET
     
    Mike Brind [MVP], Sep 17, 2008
    #7
  8. "Mike Brind [MVP]" <> wrote in message
    news:...
    >
    > Circumstances drove me to learn classic ASP, although ASP.NET was in v1.0
    > at the time. I looked at 1.1 and even bought VS2003, but just couldn't
    > get on with it. When v2.0 came out, I downloaded the free Visual Web
    > Developer, and had another look at ASP.NET, and got hooked. The (then)
    > new Access- and SqlDataSource controls made things dead simple (although I
    > use the ObjectDataSource now). I'm totally self-taught. Well, that's not
    > strictly true - I got loads of free lessons from people like Bob Barrows,
    > Aaron Bertrand, Anthony Jones, Dave Anderson and other regular
    > contributors here.


    Yep familar names :) Although I haven't seen Aarons Bertand's name around
    much anymore. I had breakfast with Bob Barrows one morning at one of the
    previous MVP Summits, but I don't know if he remembers me. Curt Christianson
    may have been at the table too, but its all getting a little fuzzy now. I
    have not been in the MVP program for about a year and a half now.

    > Visual Web Developer is completely free, and its footprint is about a
    > third that of Team Suite (from memory). Might be worth a look...


    Yea, I may have to check that out. Especially if they have improved things
    with more/better data access controls.

    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Sep 17, 2008
    #8
  9. Phillip Windell wrote:
    > "Mike Brind [MVP]" <> wrote in message
    > news:...


    > Yep familar names :) Although I haven't seen Aarons Bertand's name
    > around much anymore. I had breakfast with Bob Barrows one morning at
    > one of the previous MVP Summits, but I don't know if he remembers me.
    > Curt Christianson may have been at the table too, but its all getting
    > a little fuzzy now. I have not been in the MVP program for about a
    > year and a half now.

    Your memory is fine, i would say :)
    --
    Microsoft MVP - ASP/ASP.NET
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
     
    Bob Barrows [MVP], Sep 17, 2008
    #9
  10. "Mike Brind [MVP]" wrote:
    > Visual Web Developer is completely free, and its footprint is about
    > a third that of Team Suite (from memory). Might be worth a look...


    Unless things have changed from the last time I used it, Visual Web
    Developer 2008 has dropped support (Intellisense, code formatting, etc.) for
    classic ASP. This is a real shame, because VWB 2005 was a great IDE for
    classic ASP work. The full Visual Studio 2008 seems to have no such
    problems.



    --
    Dave Anderson

    Unsolicited commercial email will be read at a cost of $500 per message. Use
    of this email address implies consent to these terms.
     
    Dave Anderson, Sep 18, 2008
    #10
  11. "Dave Anderson" <> wrote in message
    news:%...
    > "Mike Brind [MVP]" wrote:
    >> Visual Web Developer is completely free, and its footprint is about
    >> a third that of Team Suite (from memory). Might be worth a look...

    >
    > Unless things have changed from the last time I used it, Visual Web
    > Developer 2008 has dropped support (Intellisense, code formatting, etc.)
    > for classic ASP. This is a real shame, because VWB 2005 was a great IDE
    > for classic ASP work. The full Visual Studio 2008 seems to have no such
    > problems.
    >


    I must confess that I haven't used VWD for a while, and found to my surprise
    when trying to check how large it was for Phillip that it has gone from my
    current machine. I must have removed it for some reason... If what you
    recall is true, I agree that its a shame. However, for a beginner in
    ASP.NET, VWD is a remarkably powerful tool, especially considering it costs
    nothing.

    --
    Mike Brind
    MVP - ASP/ASP.NET
     
    Mike Brind [MVP], Sep 18, 2008
    #11
  12. "Mike Brind [MVP]" wrote:
    > If what you recall is true, I agree that its a shame. However, for
    > a beginner in ASP.NET, VWD is a remarkably powerful tool, especially
    > considering it costs nothing.


    Oh, I certainly did not mean to imply otherwise. I agree completely.



    --
    Dave Anderson

    Unsolicited commercial email will be read at a cost of $500 per message. Use
    of this email address implies consent to these terms.
     
    Dave Anderson, Sep 18, 2008
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Henrik_the_boss
    Replies:
    0
    Views:
    2,662
    Henrik_the_boss
    Nov 5, 2003
  2. =?Utf-8?B?Sg==?=

    ASP.NET /Classic ASP Security Mix

    =?Utf-8?B?Sg==?=, Jul 13, 2004, in forum: ASP .Net
    Replies:
    1
    Views:
    628
    Raterus
    Jul 13, 2004
  3. Atlbike

    Classic asp security question

    Atlbike, Feb 21, 2007, in forum: ASP .Net
    Replies:
    0
    Views:
    370
    Atlbike
    Feb 21, 2007
  4. Tom Wingert
    Replies:
    0
    Views:
    335
    Tom Wingert
    Jan 12, 2006
  5. Replies:
    0
    Views:
    1,310
Loading...

Share This Page