CDONTS HELP! thanks

azndre · #1 (**permalink**) 06-30-04, 10:21

Hi,

I have a basic CDONTS form. On this form it pulls the users IP address and NTUSER Name. Now I set my web folder to not allow anonymous access.. soo if the user is not logged on to the network then they would get the windows authorization connection screen.

What I want to do is.. IF the user is not logged in .. then a pop up screen comes up giving instructions to that user.. then a link or a button the user clicks thats brings them to that activation connection screen to login.

now if the user is logged on to the network.. then this screen should not appear.. and that user would go directly into the page.

any help would be appreciated.. THANKS!

Code:

<%@ LANGUAGE="VBSCRIPT" %>
        <HTML>
        <HEAD>
        <META NAME="GENERATOR" Content="Microsoft FrontPage 4.0">
        <TITLE>Thank you!</TITLE>

         <%
        Sub Write(strWriteThis)
           response.write(strWriteThis & "<br>")
        end sub
 
         %>
        </HEAD>
        <BODY>
 
         <%
           Dim myCDONTSMail
           Dim strFrom
           Dim strTo
           Dim strSubject
           Dim strMessage
           Dim lngImportance
    

           strFrom="test@test.com"
           strTo="test@test.com"
           strSubject = "Authorization Form - " & UCASE(Request.Form("Field3"))
           strSpaces = Space(40)
           strBody= strSpaces & "Sabine River Works" & chr(10) & _
           strSpaces & "SRW Security" & chr(10) & _
           strSpaces & "SRW Vehicle Authorization" & chr(10) & chr(10) & _
           "1. Field1: " & UCASE(Request.Form("Field1")) & chr(10) & chr(10) & _
           "2. Field2: " & UCASE(Request.Form("Field2")) & chr(10) & chr(10) & _
           "3. Field3: " & UCASE((Request.Form("Field3"))) & chr(10) & chr(10) & _
           
           "Data sent from workstation: " & Request.ServerVariables("REMOTE_ADDR") & chr(10) & chr(10) & _
           "Domain/Username: " & UCASE(Request.ServerVariables("LOGON_USER")) 

           lngImportance = request.form("optImportance")
 
           Set myCDONTSMail = CreateObject("CDONTS.NewMail")
           myCDONTSMail.MailFormat = 1
           myCDONTSMail.BodyFormat = 1
           myCDONTSMail.Send strFrom,strTo,strSubject,strBody,lngImportance
 
           Set myCDONTSMail  = Nothing
           Write "Thank you!"
           %>
        </BODY>

        </HTML>

Seppuku · #2 (**permalink**) 06-30-04, 12:15

I'm not sure how that is related to a CDONTS issues...

I suppose you could have a page that is available to anonymous users. That page would check to see if they have a value for the NTUSER header. If so, it forwards them to the secured page. If not, it forwards them to another unsecured page that has instructions.

Another option would be to create the instruction page as the default 403 (Unathorized access) error page. Then when the user attempts to access the site, they'd be prompted for a username and password. If they fail 3 times or click cancel, they are redirected (by the server) to the default 403 page, which would be your instructions.

Bullschmidt · #3 (**permalink**) 06-30-04, 15:48

Here's something I put together about a regular login that might give you some ideas about the redirect.

Perhaps have a login page that asks the user for his username and password. And whatever page that posts to (which could be the same page for a self posting form) tests these fields against what is in the database, sets the username and userlevel session variables accordingly, and then redirects to the proper page - i.e. back to the login page if the password is wrong (perhaps with a JavaScript popup saying wrong username/password combination) or to the main menu page if the password is correct:

Session("UserName") = objRS("UserName")
Session("UserLevel") = objRS("UserLevel")
Response.Redirect "mainmenu.asp"

Then you can use If Then's or Select Case on each page to control whether a user is allowed to actually be there and whether particular links of where a user can go actually show up.

If (Session("UserLevel") <> "Admin") And (Session("UserLevel") <> "Regular") Then
Response.Redirect "login.asp"
End If

azndre · #4 (**permalink**) 06-30-04, 16:54

thanks for the ideas..

I really want to move away from the login screen..

that would be another user name and pw the user has to remember.. then someone would have to maintain these pws..

Seppuku,

I'll look into this a little more..

I am still open to other suggestions ..

thanks!

Seppuku · #5 (**permalink**) 06-30-04, 16:57

You could look into 3rd party single-signon tools, but it will cost $$. Our enterprise uses Siteminder to integrate with Active Directory and provide single-signon integration with many web and non-web applications.

Internet Services

Web Development

Digital Marketing

Consumer Tech