Dynamic Responses

This document describes the data available to ASP or other CGI-programs when posting from DAP (WebQuota) or dynamic Access Denied responses (AuthentiX/WebQuota).

System Requirements

Wininet.dll must be present in the system32 directory. This will be automatically installed with Internet Explorer V3 and above.

Warning: At the present time, DAP uses wininet.dll, and has the same issues as Flicks Software's OCXHttp . The ability of Wininet.dll to work in a server environment has progressively degraded, see the FAQ item on this

Dictionary Attack Protection (DAP) enable you to detect and act upon dictionary attacks on your password protected IIS web server.

POST Data

The following data will be available to the receiving URL:

username
The failed username.
password
The failed password
referer
The refering URL
remote_addr
The remote IP address making the request
authorizingPath
The directory that AuthentiX is protecting that resulted in the denied access.
accessingPath
The actual URL that was requested and denied
servername
Name of the server providing the URL (ISP versions only).
errorCode
The error code indicating the kind of access denied according to the following table:
DENIED_EMPTY -2
DENIED_UNKNOWN_USER -3
DENIED_REFERRAL_BLOCK -4
DENIED_MULTI_BLOCKED -5
DENIED_BAD_PASSWORD -6
DENIED_EXPIRED -7
DENIED_ERROR -8
DENIED_ODBC_EXPIRED -9
DENIED_COOKIE_TIMED_OUT -10
DENIED_IP_BLOCK -11
DENIED_KBYTES -12
DENIED_REQUESTS -13
DENIED_SEQ_LOGINS -14
DENIED_FOOTPRINT -15
DENIED_DN_BLOCK -16
DENIED_UA_BLOCK -17
ODBC_EXCEPTION -21
ODBC_NO_CONNECT -22
Example

The following is a handy sample asp file to use.



<HTML>

<% 
Set mailer = Server.CreateObject("ASPMAIL.ASPMailCtrl.1") 
%>


<% 
msg = ""

msg = msg & vbCRLF & "Request.QueryString:" & vbCRLF

For Each Key In Request.QueryString 
	msg = msg & Key & " = " & Request.QueryString(Key) & vbCRLF
Next

msg = msg & vbCRLF & "Request.Form:" & vbCRLF
For Each Key In Request.Form
	msg = msg & Key & " = " & Request.Form(Key) & vbCRLF
Next

msg = msg & vbCRLF & "Request.Cookies:" & vbCRLF
For Each Cookie In Request.Cookies
	If Request.Cookies(cookie).HasKeys Then
		For Each Key In Request.Cookies(Cookie)
			msg = msg & Cookie & "(" & Key & ") = " & Request.Cookies(Cookie)(Key) & vbCRLF
		Next
	Else
	msg = msg & Cookie & " = " & Request.Cookies(Cookie) & vbCRLF
	End If
Next

msg = msg & vbCRLF & "Request.ServerVariables:" & vbCRLF
For Each Key In Request.ServerVariables
	msg = msg & Key & " = " & Request.ServerVariables(Key) & vbCRLF
Next 

recipient = "blackjack@molo.com" 'Request.QueryString("recipient")
sender = "blackjack@molo.com" 'Request.QueryString("sender")
subject = "Dictionary Attack Protection" 'Request.QueryString("subject")
message = msg
' insert your mail server here
mailserver = "mail.server.com"
result = mailer.SendMail(mailserver, recipient, sender, subject, message)
%>
<% If  "" = result Then %>
Mail has been sent.
<% Else %>
Mail was not sent, error message is
<H2>
<%= result %>
</H2>
<% End If %>
<P>
<HR>
<P>
<EM><B>
<a href="http://www.flicks.com/">Flicks Software</a>.
</B>
</EM>
</FONT>
</BODY>
</HTML>

 

Applies To

AuthentiX OCX Component