ODBiC Discussion Board

form authentication

by Dave B, November 14, 2004 08:58

I have IIS and Windows authentication setup to handle intranet web page access. The user must supply a valid WINDOWS username and password to access the site. Now I need to setup a web based login and password screen because I'm expanding system access. Most of the "guts" of the web page are completed except for this part.

I have setup a login page (login.odb) that validates user name and password which then redirects you to a another page (main.odb). However, I can get to main.odb w/out logging in if I know the url. So the login page shows up first at which, upon valid username & password, takes you to But I can just paste into the browser and it takes me to the same place w/out logging in.

I have SESSION command setup, but that seems to only apply to timing. Do I need to pass hidden variables from form to form so that if main.odb does not see the initial variable from the login page it tells the user to log back in? Am I way off base?

Any help would be much appricated.

Thanks, Dave


Post Your Reply:

E-mail  optional

HTTP Link: 
Link text: 

Copyright ©1997-2003, Roger Harris. All rights reserved.