thanks Gonzalo
for your script.

-----Original Message-----
From: Gonzalo Ruiz de Villa Suárez
[mailto:gonzalo.ruizdevilla@a...]
Sent: 20 June 2001 15:25
To: Security_asp
Subject: [security_asp] RE: Plz Help "ASP Security Issue"


You can use a login page and a SessionVariable to store the group
of the user and then use this code to verify the permissions
with this code:

<%
Dim SessionGroup
Dim RedirectionValue
'This code in each page to limit access to the groups you want
'Don't put spaces between group names
SessionGroup = "group1,group2,group3,group4"
'Dirección to redirect in case user doesn't have permissions
RedirectionValue = "ErrorAutentificacion.asp"

%>


<%
'
'You can put this validation code in an include file
'Put the include at the header of the page, just below the other code
'


Dim SessionValue
Dim LoopLength
Dim ValidUser
'Comprobación de los permisos de los usuarios

'Sacamos los grupos
SessionGroup = Split(SessionGroup, ",")
LoopLength   = 0
ValidUser    = False
'Comprobamos que esté registrado
While (Ubound(SessionGroup) >= LoopLength And ValidUser = False)
  SessionValue = SessionGroup(LoopLength)
  If (Session("SessionPassword")<>"") Then
    If (Cstr(Session("SessionPassword"))=SessionValue) Then
      ValidUser = True
    End If
  End If
  LoopLength = LoopLength + 1
Wend
If (ValidUser = False) Then
Response.Redirect(Server.URLEncode(RedirectionValue))
'Fin de la comprobación
%>


-----Mensaje original-----
De: taher [mailto:taherm@f...]
Enviado el: miércoles, 20 de junio de 2001 9:29
Para: Security_asp
Asunto: [security_asp] Plz Help "ASP Security Issue"


scenario
i have designed an intranet and want to implement some user level security.
lets say for example there are 5 asp pages and 3 users. i want one of the
user to have full access , one user to view only 2 pages and other to view
other 3 asp pages.
Can i achieve this??
if yes then plz let me know the procedure to do it.
i would be greaful to you
i am using win2K server
thanks in advance