L
Lorenzo
I had to transfer an ASP Web Application (developed by another person) to a
different web server. It seems to work but not completely.
I have some problems with authentication: it is based on a username and a
password stored in a SQL Server's table. These data are requested via basic
authentication (not a IIS level but I think it is used to create the
authentication window in which put username and password). The problem is
that it doesn't accept username and password and, after three times, it
redirect me to a page telling "You don't have rights to see this page". What
could I do?
Thanks a lot
Lorenzo
Here's the code:
<%
Dim attivo
attivo = 0
SET UUEncode = Server.CreateObject( "Scripting.Dictionary" )
FOR i=0 TO 63
SELECT CASE i
CASE 0 offset = 65
CASE 26 offset = 71
CASE 52 offset = -4
END SELECT
UUEncode( CHR( i + offset) ) = i
NEXT
Function Decode ( TheString )
For byteGroup = 1 To Len( theString ) Step 4
numBytes = 3
groupBytes = 0
For CharCounter = 0 to 3
thisChar = Mid( theString, byteGroup + CharCounter, 1)
If thisChar = "=" Then
numBytes = numBytes - 1
thisByte = 0
Else
thisByte = UUEncode( thisChar )
End If
groupBytes = 64 * groupBytes + thisByte
Next
For k = 1 To numBytes
Select Case k
CASE 1: thisChar = groupBytes \ 65536
CASE 2: thisChar = (groupBytes And 65535) \ 256
CASE 3: thisChar = (groupBytes And 255)
End Select
Decode = Decode & Chr( thisChar )
Next
Next
End Function
auth = TRIM(Request.ServerVariables("HTTP_AUTHORIZATION"))
IF auth = "" THEN
Response.Status = "401 Not Authorized"
Response.AddHeader "WWW-Authenticate", "Basic realm=""localhost"""
Response.End
END IF
auth = TRIM( MID( auth, 6) )
auth = Decode( auth )
authSplit = SPLIT( auth, ":" )
username = authSplit( 0 )
password = authSplit( 1 )
Set objConn=Server.CreateObject("ADODB.Connection")
objConn.ConnectionString=CONNECTION
objConn.Open
sqlString = "SELECT username, password, codice_utente FROM " & user
&"a_dati_utente WHERE username ='" & username & "' AND password='" &
password & "'"
Set RS = Server.CreateObject("ADODB.Recordset")
RS.Open sqlString, objConn
IF RS.EOF THEN
Response.Status = "401 Not Authorized"
Response.AddHeader "WWW-Authenticate", "Basic realm=""localhost"""
RS.Close
Set RS = Nothing
objConn.Close
Set objConn = Nothing
Response.End
END IF
dim id_utente, id_periodico, id_numero, scaricato, codice_utente,
checkLogin, us, pwd
checkLogin = False
us = TRIM(RS("username"))
psw = TRIM(RS("password"))
if (username=us And password=psw) then
checkLogin = True
End If
If (checkLogin = False) Then
Response.Status = "401 Not Authorized" 'nessun record trovato
Response.AddHeader "WWW-Authenticate", "Basic realm=""localhost"""
RS.Close
Set RS = Nothing
objConn.Close
Set objConn = Nothing
Response.End
End If
codice_utente = rs("codice_utente")
RS.Close
Set RS = Nothing
objConn.Close
Set objConn = Nothing
%>
different web server. It seems to work but not completely.
I have some problems with authentication: it is based on a username and a
password stored in a SQL Server's table. These data are requested via basic
authentication (not a IIS level but I think it is used to create the
authentication window in which put username and password). The problem is
that it doesn't accept username and password and, after three times, it
redirect me to a page telling "You don't have rights to see this page". What
could I do?
Thanks a lot
Lorenzo
Here's the code:
<%
Dim attivo
attivo = 0
SET UUEncode = Server.CreateObject( "Scripting.Dictionary" )
FOR i=0 TO 63
SELECT CASE i
CASE 0 offset = 65
CASE 26 offset = 71
CASE 52 offset = -4
END SELECT
UUEncode( CHR( i + offset) ) = i
NEXT
Function Decode ( TheString )
For byteGroup = 1 To Len( theString ) Step 4
numBytes = 3
groupBytes = 0
For CharCounter = 0 to 3
thisChar = Mid( theString, byteGroup + CharCounter, 1)
If thisChar = "=" Then
numBytes = numBytes - 1
thisByte = 0
Else
thisByte = UUEncode( thisChar )
End If
groupBytes = 64 * groupBytes + thisByte
Next
For k = 1 To numBytes
Select Case k
CASE 1: thisChar = groupBytes \ 65536
CASE 2: thisChar = (groupBytes And 65535) \ 256
CASE 3: thisChar = (groupBytes And 255)
End Select
Decode = Decode & Chr( thisChar )
Next
Next
End Function
auth = TRIM(Request.ServerVariables("HTTP_AUTHORIZATION"))
IF auth = "" THEN
Response.Status = "401 Not Authorized"
Response.AddHeader "WWW-Authenticate", "Basic realm=""localhost"""
Response.End
END IF
auth = TRIM( MID( auth, 6) )
auth = Decode( auth )
authSplit = SPLIT( auth, ":" )
username = authSplit( 0 )
password = authSplit( 1 )
Set objConn=Server.CreateObject("ADODB.Connection")
objConn.ConnectionString=CONNECTION
objConn.Open
sqlString = "SELECT username, password, codice_utente FROM " & user
&"a_dati_utente WHERE username ='" & username & "' AND password='" &
password & "'"
Set RS = Server.CreateObject("ADODB.Recordset")
RS.Open sqlString, objConn
IF RS.EOF THEN
Response.Status = "401 Not Authorized"
Response.AddHeader "WWW-Authenticate", "Basic realm=""localhost"""
RS.Close
Set RS = Nothing
objConn.Close
Set objConn = Nothing
Response.End
END IF
dim id_utente, id_periodico, id_numero, scaricato, codice_utente,
checkLogin, us, pwd
checkLogin = False
us = TRIM(RS("username"))
psw = TRIM(RS("password"))
if (username=us And password=psw) then
checkLogin = True
End If
If (checkLogin = False) Then
Response.Status = "401 Not Authorized" 'nessun record trovato
Response.AddHeader "WWW-Authenticate", "Basic realm=""localhost"""
RS.Close
Set RS = Nothing
objConn.Close
Set objConn = Nothing
Response.End
End If
codice_utente = rs("codice_utente")
RS.Close
Set RS = Nothing
objConn.Close
Set objConn = Nothing
%>