How to restrict logins

S

sroadley

Our school is using active directory and we have groups such as
students and staff. I have produced some asp applications which I only
want staff to access. I have produced a login page which checks their
login username and password held in active directory. The problem is I
do not know how to limit access to say the teachers group. Currently
any user who enters a valid username and password is let in.

Dim strADsPath

strADsPath = "LDAP://00.0.000.00"
Administrators,OU=JPS,OU=Establishments,DC=JOHNPORT,DC=INTERNAL"

strUserName = "JOHNPORT\" & Request.Form("strUserName")
strPassword = Request.Form("strPassword")

If (not strADsPath= "") then 'if and ADS Object path has been provided
proceed with authentication

Dim oADsObject
Set oADsObject = GetObject(strADsPath)
Dim strADsNamespace
Dim oADsNamespace
strADsNamespace = left(strADsPath, instr(strADsPath, ":"))
set oADsNamespace = GetObject(strADsNamespace)
Set oADsObject = oADsNamespace.OpenDSObject(strADsPath,
strUserName,strPassword, 0)

If not (Err.number = 0) then
msg = "<font color=darkred>Login Failed</font>"
Sesson("active") = 0
Session("user") = ""
Else
Session("active") = 1
Session("user") = Request.Form("strUserName")
Response.Redirect "index.asp"
Response.End
End If

End If
 
H

Herb Martin

Our school is using active directory and we have groups such as
students and staff. I have produced some asp applications which I only
want staff to access. I have produced a login page which checks their
login username and password held in active directory. The problem is I
do not know how to limit access to say the teachers group. Currently
any user who enters a valid username and password is let in.
Click to expand...

Usually you assign permissions for those groups to the files the web server
much use to perform the actions.

No permissions means no access to THAT stuff. (remove the everyone
read etc from those files.)

BTW, you say you are "checking" the username and password; generally it
is preferable for INTERNAL applications/web_services to use Integrated
Authentication if all your users have IE. Then no explicit password is
sent, but rather the users credentials from logon to the domain are used.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Newbie Question - Visual Basic .NET Express 2005 & syntax 2
problems creating users in Active directory 5
problems creating a user in Active directory 1
Active Directory Error - The server is unwilling to process the request 0
System.Data ExecuteReader requires an open and available Connection 8
Problem reading data into Dataset 6
Pulling Fields from LDAP 3
webdav exchange query failing if first attempt fails 1

Top