How can I protect an ASP Classic page with either HTTP AUTH (you must provide a username and password to service) or a randomly generated access key that will be included as one of the parameters of the HTTP POST using the variable name access_key.
Can anybody provide asp classic code in this regard?
Quick help will be appreciated...
PS: OrderGroove is a 3rd party service... neglect it.
Basic HTTP Authentication is something you can turn on by configuring your web server (probably IIS). There isn't any ASP classic code that can do it, as far as I know.
Another option is to store login information in a Session variable (i.e. Session("LoggedInUser")). On every page, just check to see if that variable is set, and if it's not, redirect them to a login page.
Note that both these methods will send username/password unencrypted, so you would probably want to get an SSL certificate for security reasons.
See also:
http://stackoverflow.com/questions/208063/http-authentication-basic-or-digest-in-asp-classic-via-iis http://www.4guysfromrolla.com/webtech/020201-1.shtml
You can manipulate IIS metadata using the IIS:// protocol scheme with GetObject. Check out your adsutil.vbs file, usually in C:\Inetpub\AdminScripts
Furthermore you can implement Basic Auth with plain/text by getting/setting HTTP Headers along with a Base64 encoder/decoder. Although this is highly insecure.