thanks Alex for your suggestions



-----Original Message-----

From: Alex Shiell, ITS, EC, SE [mailto:alex.shiell@s...]

Sent: 20 June 2001 10:04

To: ASP Web HowTo

Subject: [asp_web_howto] RE: "ASP Security Issue"





Create security groups for the different levels of access; create 3

different folders; assign group 1 permission over all 3 folders, group 2

permission over 2 folders, and group 3 permission over 1 folder.  Then put

your ASPs into the appropriate folder according to which groups can access

them.  Disable anonymous access, enable some form of authentication and your

there.



However, you will probably want to build some kind of logic into your

application that will identify which group someone is in, and only show them

the links for what they can access.



Alternatively, you don't have to use NT security at all - you can build your

own security model.  Have a database of users, and a level of access

associated with each user.  Then you can easily display the correct links

for each user, and in each ASP have a line that tests the level of access

and redirects to an error page if its wrong.





-----Original Message-----

From: taherm@f...

[mailto:taherm@f...]

Sent: 20 June 2001 10:16

To: ASP Web HowTo

Subject: [asp_web_howto] "ASP Security Issue"





i have designed an intranet and want to implement some user level security.

lets say for example there are 5 asp pages and 3 users. i want one of the

user to have full access , one user to view only 2 pages and other to view

other 3 asp pages.

Can i achieve this??

if yes then plz let me know the procedure to do it.

i would be greaful to you

i am using win2K server

thanks in advance