Challenge/Response authentication through ASP?
Assign a session variable and key it against a database where password/names
are kept. If are in DB then assign some session variable and check for
it(session var) on the page. If it is there proceed/not - then redirect.
Remember, you may want to do the SSL thing for better security since this
type of thing is sent in the clear. You can get a free test certificate
from verisign for testing purposes.
ASP will check for the session variable and proceed from there.
Vince
Quote:
> This may not actually be the best way to do this, but can this be done?
> Basically, there's a Win32 Perl app in a directory that need to be
> password-protected. I set up username/password authentication with a
> database, but that doesn't stop someone who knows the URL to go directly
> to the directory with the Perl application. Since the Perl app is the
> default page for the directory (index.cgi), I don't know of a way to
> lock this down with ASP.
> My idea was to set up a generic username/password that would
> transparently be sent to the challenge/response after the user
> successfully logged in. How can I pass this generic username/password
> combo to authenticate? Or is there a better way?
> Thanks!
> MBJ
