by Dave B, November 14, 2004 08:58
I have IIS and Windows authentication setup to handle intranet web page access. The user must supply a valid WINDOWS username and password to access the site. Now I need to setup a web based login and password screen because I'm expanding system access. Most of the "guts" of the web page are completed except for this part.
I have setup a login page (login.odb) that validates user name and password which then redirects you to a another page (main.odb). However, I can get to main.odb w/out logging in if I know the url. So the login page shows up first at http://192.168.2.134/templates/login.odb which, upon valid username & password, takes you to http://192.168.2.134/templates/main.odb. But I can just paste http://192.168.2.134/templates/main.odb into the browser and it takes me to the same place w/out logging in.
I have SESSION command setup, but that seems to only apply to timing. Do I need to pass hidden variables from form to form so that if main.odb does not see the initial variable from the login page it tells the user to log back in? Am I way off base?
Any help would be much appricated.
Name E-mail optional TopicMessage:
HTTP Link: Link text: