Results 1 to 3 of 3
  1. #1
    Lounger
    Join Date
    Jan 2001
    Location
    London, Ontario, Ontario, Canada
    Posts
    37
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Creating Security in Frontpage (Frontpage XP)

    I have a website that has two different sides to it. One for Clients and one for our dealers (who we wholesale products to). I wish to secure the dealer side to prevent consumers access to sensitive information that is available only to dealers. My plan is to implement a subweb for dealers only, publish a database with the dealers' info including their unique username and passwords. When they login, I would like the pages they click on to reflect who is logged in. i.e. A dealer logs in and their name, address etc show up.

    In addition, some dealers need to see some information that other dealers shouldn't.

    Question # 1
    Is the database method the best method for what I wish to do (using .asp and cookies)?

    Question # 2
    If the answer to Question # 1 is yes, then where can I go to find out how to do this? I am very familiar with using Frontpage, but rarely do any ASP programming and not very good at it, anyway.

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Creating Security in Frontpage (Frontpage XP)

    >Question # 1
    >Is the database method the best method for what I wish to do (using .asp and cookies)?

    This is a good "quick & dirty" solution. There are fancier ways, but having a cookie makes your life much easier because you don't have to keep passing a credential from page to page to page.

    >Question # 2
    >If the answer to Question # 1 is yes, then where can I go to find out how to do this? I am very familiar with using
    >Frontpage, but rarely do any ASP programming and not very good at it, anyway.

    FrontPage will create ASP pages automatically if you use its built-in database components. In fact, I think it will let you create a database on the fly. If you need to interact with another back-end database, then you should consider some of the ASP/database books or Database/Web books. I seem to have misplaced the one I thought was really helpful a couple of years ago, or I'd post the title.

    I'd imagine you could crib ASP code to work with cookies from lots of places.

    So maybe the scenario would be:

    (1) On the subweb home page, check for cookie and if not there, change to login page.
    (2) Submit to database and if the user's record is successfully retrieve, set a cookie and return to the previous page. If not, try again.
    (3) On all other pages, if there's no cookie, redirect (Response.Redirect) to the login page.

    If the information is really sensitive, you probably ought to review some books on securing web sites.

  3. #3
    Lounger
    Join Date
    Jan 2001
    Location
    London, Ontario, Ontario, Canada
    Posts
    37
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Creating Security in Frontpage (Frontpage XP)

    Thanks. That gives me a good start in the right direction. The information isn't TERRIBLY sensitive. I have found the database generator thingie in Frontpage to be very helpful with scripting examples, however, here's an interesting note. The most current IIS/Frontpage Extension Security Update alters things a bit. The syntax that the Frontpage Wizard uses to point to the database (../../blah.mdb) is no longer acceptable. I have to dig and come up with the work-around.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •