Windows NT authentication and asp???

TheMSsForum.com: The Microsoft Software Forum

Hi,

Can someone tell me how I create a login page which
authenticates users against the servers user manager. I
want the login to be a form in my website not a pop up
window!

I would be grateful for any advice relating to this
subject. I have a script for windows 2000 active directory
but was wondering if you could achive the same with
windows NT 4 and IIS 4

Thanks for any help!

..:: Active Directory Example :..

<form action=authad.asp method=post>
Username: <input type=text name=strUserName><br>
Password: <input type=password name=strPassword><br>
<input type=submit name=btnSubmit>
</form>
<%
If Request.Form("strUsername") <> "" Then
Dim strADsPath
strADsPath = "WinNT://copenhagendome1"

'userid =
strUserName = "copenhagendome1\" & Request.Form
("strUserName")
strPassword = Request.Form("strPassword")

if (not strADsPath= "") then 'if and ADS Object path has
been provided
proceed with authentication

' bind to the ADSI object and authenticate Username and
password
Dim oADsObject
Set oADsObject = GetObject(strADsPath)
response.write "Authenticating...<br><br>"
Dim strADsNamespace
Dim oADsNamespace
strADsNamespace = left(strADsPath, instr
(strADsPath, ":"))
set oADsNamespace = GetObject(strADsNamespace)
Set oADsObject = oADsNamespace.OpenDSObject(strADsPath,
strUserName,
strPassword, 0)
' we're only bound if err.number = 0
if not (Err.number = 0) then
Response.Write "<font color='red'><font size =
5><u><b>Authentication has
failed...<b></u></font></font>"
'Response.Write "Failed to bind to object <b>" &
strADsPath & "</b><br>"
'response.write err.description & "<p>"
'Response.write "Error number is " & err.number & "<br>"
Session("Auth") = "NO"
else
Response.Write "<font color='blue'>USER AUTHENTICATED!
</font><br>"
'Response.Write "Currently viewing object at <b>" &
oADsObject.ADsPath &
"</b><br>"
'Response.Write "Class is " & oADsObject.Class & "<br>"
Session("Auth") = "YES"
end if
'response.write "<p>"
end if
End If
%>
Top

Re: Windows NT authentication and asp??? by Tom

Tom
Tue Jul 22 05:57:37 CDT 2003

If this if for an intranet, then you can just use NT Authentication. Your
users won't see a login page at all, unless of course they haven't logged
into your domain.
If it's not for an intranet, then you don't want to do this, as you'd have
to create an account for all users.

"MyaTix" <bloggs@hotmail.com> wrote in message
news:07af01c35021$308fd020$a401280a@phx.gbl...
> Hi,
>
> Can someone tell me how I create a login page which
> authenticates users against the servers user manager. I
> want the login to be a form in my website not a pop up
> window!
>
> I would be grateful for any advice relating to this
> subject. I have a script for windows 2000 active directory
> but was wondering if you could achive the same with
> windows NT 4 and IIS 4
>
> Thanks for any help!
>
> ..:: Active Directory Example :..
>
> <form action=authad.asp method=post>
> Username: <input type=text name=strUserName><br>
> Password: <input type=password name=strPassword><br>
> <input type=submit name=btnSubmit>
> </form>
> <%
> If Request.Form("strUsername") <> "" Then
> Dim strADsPath
> strADsPath = "WinNT://copenhagendome1"
>
> 'userid =
> strUserName = "copenhagendome1\" & Request.Form
> ("strUserName")
> strPassword = Request.Form("strPassword")
>
> if (not strADsPath= "") then 'if and ADS Object path has
> been provided
> proceed with authentication
>
> ' bind to the ADSI object and authenticate Username and
> password
> Dim oADsObject
> Set oADsObject = GetObject(strADsPath)
> response.write "Authenticating...<br><br>"
> Dim strADsNamespace
> Dim oADsNamespace
> strADsNamespace = left(strADsPath, instr
> (strADsPath, ":"))
> set oADsNamespace = GetObject(strADsNamespace)
> Set oADsObject = oADsNamespace.OpenDSObject(strADsPath,
> strUserName,
> strPassword, 0)
> ' we're only bound if err.number = 0
> if not (Err.number = 0) then
> Response.Write "<font color='red'><font size =
> 5><u><b>Authentication has
> failed...<b></u></font></font>"
> 'Response.Write "Failed to bind to object <b>" &
> strADsPath & "</b><br>"
> 'response.write err.description & "<p>"
> 'Response.write "Error number is " & err.number & "<br>"
> Session("Auth") = "NO"
> else
> Response.Write "<font color='blue'>USER AUTHENTICATED!
> </font><br>"
> 'Response.Write "Currently viewing object at <b>" &
> oADsObject.ADsPath &
> "</b><br>"
> 'Response.Write "Class is " & oADsObject.Class & "<br>"
> Session("Auth") = "YES"
> end if
> 'response.write "<p>"
> end if
> End If
> %>


Top

Re: Windows NT authentication and asp??? by MyaTix

MyaTix
Tue Jul 22 06:28:22 CDT 2003

It is for an intranet but I want to give different users
different access rights to different areas of the site!

I don't want to have the NT popup username and password
screen appear I want it to be inbedded into the site.

Thanks

>-----Original Message-----
>If this if for an intranet, then you can just use NT
Authentication. Your
>users won't see a login page at all, unless of course
they haven't logged
>into your domain.
>If it's not for an intranet, then you don't want to do
this, as you'd have
>to create an account for all users.
>
>"MyaTix" <bloggs@hotmail.com> wrote in message
>news:07af01c35021$308fd020$a401280a@phx.gbl...
>> Hi,
>>
>> Can someone tell me how I create a login page which
>> authenticates users against the servers user manager. I
>> want the login to be a form in my website not a pop up
>> window!
>>
>> I would be grateful for any advice relating to this
>> subject. I have a script for windows 2000 active
directory
>> but was wondering if you could achive the same with
>> windows NT 4 and IIS 4
>>
>> Thanks for any help!
>>
>> ..:: Active Directory Example :..
>>
>> <form action=authad.asp method=post>
>> Username: <input type=text name=strUserName><br>
>> Password: <input type=password name=strPassword><br>
>> <input type=submit name=btnSubmit>
>> </form>
>> <%
>> If Request.Form("strUsername") <> "" Then
>> Dim strADsPath
>> strADsPath = "WinNT://copenhagendome1"
>>
>> 'userid =
>> strUserName = "copenhagendome1\" & Request.Form
>> ("strUserName")
>> strPassword = Request.Form("strPassword")
>>
>> if (not strADsPath= "") then 'if and ADS Object path has
>> been provided
>> proceed with authentication
>>
>> ' bind to the ADSI object and authenticate Username and
>> password
>> Dim oADsObject
>> Set oADsObject = GetObject(strADsPath)
>> response.write "Authenticating...<br><br>"
>> Dim strADsNamespace
>> Dim oADsNamespace
>> strADsNamespace = left(strADsPath, instr
>> (strADsPath, ":"))
>> set oADsNamespace = GetObject(strADsNamespace)
>> Set oADsObject = oADsNamespace.OpenDSObject
(strADsPath,
>> strUserName,
>> strPassword, 0)
>> ' we're only bound if err.number = 0
>> if not (Err.number = 0) then
>> Response.Write "<font color='red'><font size =
>> 5><u><b>Authentication has
>> failed...<b></u></font></font>"
>> 'Response.Write "Failed to bind to object <b>" &
>> strADsPath & "</b><br>"
>> 'response.write err.description & "<p>"
>> 'Response.write "Error number is " & err.number
& "<br>"
>> Session("Auth") = "NO"
>> else
>> Response.Write "<font color='blue'>USER AUTHENTICATED!
>> </font><br>"
>> 'Response.Write "Currently viewing object at <b>" &
>> oADsObject.ADsPath &
>> "</b><br>"
>> 'Response.Write "Class is " & oADsObject.Class
& "<br>"
>> Session("Auth") = "YES"
>> end if
>> 'response.write "<p>"
>> end if
>> End If
>> %>
>
>
>.
>
Top

Re: Windows NT authentication and asp??? by Tom

Tom
Tue Jul 22 07:08:54 CDT 2003

If you use NT Authentication, you can capture the Username using
Request.ServerVariables("LOGON_USER")
I haven't tried ADSI on NT4, but I think it works(?)

An application I built, used a database to hold usernames and groups
(different groups than NT.) At the top of each page, I checked the groups
that the user was a member of to see if they were authorized to use that
page.

A quick peek at 4guys
http://www.4guysfromrolla.com/webtech/LearnMore/adsi.asp implies that ADSI
does work with IIS4, so it may be worth taking a look.



"MyaTix" <Bloggs@hotmail.com> wrote in message
news:09b701c35044$5b947500$a401280a@phx.gbl...
> It is for an intranet but I want to give different users
> different access rights to different areas of the site!
>
> I don't want to have the NT popup username and password
> screen appear I want it to be inbedded into the site.
>
> Thanks
>
> >-----Original Message-----
> >If this if for an intranet, then you can just use NT
> Authentication. Your
> >users won't see a login page at all, unless of course
> they haven't logged
> >into your domain.
> >If it's not for an intranet, then you don't want to do
> this, as you'd have
> >to create an account for all users.
> >
> >"MyaTix" <bloggs@hotmail.com> wrote in message
> >news:07af01c35021$308fd020$a401280a@phx.gbl...
> >> Hi,
> >>
> >> Can someone tell me how I create a login page which
> >> authenticates users against the servers user manager. I
> >> want the login to be a form in my website not a pop up
> >> window!
> >>
> >> I would be grateful for any advice relating to this
> >> subject. I have a script for windows 2000 active
> directory
> >> but was wondering if you could achive the same with
> >> windows NT 4 and IIS 4
> >>
> >> Thanks for any help!
> >>
> >> ..:: Active Directory Example :..
> >>
> >> <form action=authad.asp method=post>
> >> Username: <input type=text name=strUserName><br>
> >> Password: <input type=password name=strPassword><br>
> >> <input type=submit name=btnSubmit>
> >> </form>
> >> <%
> >> If Request.Form("strUsername") <> "" Then
> >> Dim strADsPath
> >> strADsPath = "WinNT://copenhagendome1"
> >>
> >> 'userid =
> >> strUserName = "copenhagendome1\" & Request.Form
> >> ("strUserName")
> >> strPassword = Request.Form("strPassword")
> >>
> >> if (not strADsPath= "") then 'if and ADS Object path has
> >> been provided
> >> proceed with authentication
> >>
> >> ' bind to the ADSI object and authenticate Username and
> >> password
> >> Dim oADsObject
> >> Set oADsObject = GetObject(strADsPath)
> >> response.write "Authenticating...<br><br>"
> >> Dim strADsNamespace
> >> Dim oADsNamespace
> >> strADsNamespace = left(strADsPath, instr
> >> (strADsPath, ":"))
> >> set oADsNamespace = GetObject(strADsNamespace)
> >> Set oADsObject = oADsNamespace.OpenDSObject
> (strADsPath,
> >> strUserName,
> >> strPassword, 0)
> >> ' we're only bound if err.number = 0
> >> if not (Err.number = 0) then
> >> Response.Write "<font color='red'><font size =
> >> 5><u><b>Authentication has
> >> failed...<b></u></font></font>"
> >> 'Response.Write "Failed to bind to object <b>" &
> >> strADsPath & "</b><br>"
> >> 'response.write err.description & "<p>"
> >> 'Response.write "Error number is " & err.number
> & "<br>"
> >> Session("Auth") = "NO"
> >> else
> >> Response.Write "<font color='blue'>USER AUTHENTICATED!
> >> </font><br>"
> >> 'Response.Write "Currently viewing object at <b>" &
> >> oADsObject.ADsPath &
> >> "</b><br>"
> >> 'Response.Write "Class is " & oADsObject.Class
> & "<br>"
> >> Session("Auth") = "YES"
> >> end if
> >> 'response.write "<p>"
> >> end if
> >> End If
> >> %>
> >
> >
> >.
> >


Top