Prev   Next

Back to the top of the FAQ

Q. I want the ability in ASP to take away content that a logged on user without sufficient privileges shouldn't see, for a particular page in a protected directory.

A. The answer is very similar to the question above.

Setup three groups in AuthentiX: Group1, Group2, Group3.

Protect /Main (the directory containing the page with the "variable" content") with all three groups.

in /Main/variable.asp have the following code:

' change this value if you are using AuthentiX ISP
usingAuthentiXStandard = false
if (usingAuthentiXStandard) then
axCtrlString = "AUTHXOCX.AuthXOCXCtrl.1"
Set auth = Server.CreateObject(axCtrlString) 
else
axCtrlString = "AUTHXISP.AuthXOCXCtrl.1"
Set auth = Server.CreateObject(axCtrlString) 
' use this line to automatically set 
' the domain to be the requesting IP
protectedDomain = Request.ServerVariables("LOCAL_ADDR")
' use this alternative if you are protecting by host header,  
' set protectedDomain to be -your- host header
'protectedDomain = "hostheader.com"
auth.SetVirtualDomain 
protectedDomain, Request.ServerVariables("SCRIPT_NAME")
' check with your isp for your password,  initially it is empty
auth.SetVirtualDomainPassword("")
end if

l = Request.ServerVariables("LOCAL_ADDR")
s = Request.ServerVariables("SCRIPT_NAME")
h = Request.ServerVariables("HTTP_AUTHORIZATION")
currentUser = 
auth.CurrentUserName(l, s, h)

if (0 = auth.GroupHasUser("Group1", currentUser)) Then
	response.Write("<P>Content for privilege level 1<P>")
elseif (0 = auth.GroupHasUser("Group2", currentUser)) Then
	response.Write("<P>Content for privilege level 2<P>")
elseif (0 = auth.GroupHasUser("Group3", currentUser)) Then
	response.Write("<P>Content for privilge level 3<P>")
else
	response.Write("Error - user not in any Group!")
	response.End
End If
The same mechanism can be used from cgi applications such as Cold Fusion (sample), Perl (sample), etc.

Back to the top of the FAQ

Prev   Next