Cookie authentication makes use of functionality at the scripting level to
provide user authentication.
How to configure in IIS:
- This does not require specific IIS server
configuration but rather ASP script configuration
- The following code would need to be placed at the
top of each page you wanted to protect:
If Session("login") = FALSE Then
Response.Write "You are logged in"
- The following code is an example of a simple
if request.form("password") = "yourpass" then
session("login") = TRUE
<form method="POST" action="login.asp"
<input type="text" name="password" size="20"><input type="submit" value="login"
- This code could be expanded to tie into a
database and track usernames as well as passwords but the concept is
the same as this hardcoded sample with a password of "yourpass".
- Can use custom designed login form
- Can store usernames and passwords independently
of NT users
- This will only protect ASP scripts (not images,
- This requires that users browsers support cookies
and have them enabled
- protection must be implemented on a per page
basis (for example a directory can not be protected)