|
it
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Page Access Restriction
Hello Friends,
Suppose I have one website www.mywebsite.com and I have one page in this site as "myrestrictedpage.asp". The page "myrestrictedpage.asp" should NOT be accesible from the hosted website (www.mywebsite.com) instead of that the page can only be accessible only from : 1) www.OtherWeb1.com/welcomeuser.asp 2) www.OtherWeb5.com/ How can I do this? Please suggest. Thanks Prabhat something like www.aspprotect.com maybe, or you can do it on your own as
well are you talking about password protecting certain pages... Show quote "Prabhat" <not_a_m***@hotmail.com> wrote in message news:O3YLD9SbGHA.4912@TK2MSFTNGP05.phx.gbl... > Hello Friends, > > Suppose I have one website www.mywebsite.com and I have one page in this > site as "myrestrictedpage.asp". > > The page "myrestrictedpage.asp" should NOT be accesible from the hosted > website (www.mywebsite.com) instead of that the page can only be > accessible > only from : > 1) www.OtherWeb1.com/welcomeuser.asp > 2) www.OtherWeb5.com/ > > How can I do this? Please suggest. > > Thanks > Prabhat > > ahh opps.. misread question, sorry
you can check the server variables for the domain in question and allow or not allow access based on the one the person is viewing the site with Show quote "Prabhat" <not_a_m***@hotmail.com> wrote in message news:O3YLD9SbGHA.4912@TK2MSFTNGP05.phx.gbl... > Hello Friends, > > Suppose I have one website www.mywebsite.com and I have one page in this > site as "myrestrictedpage.asp". > > The page "myrestrictedpage.asp" should NOT be accesible from the hosted > website (www.mywebsite.com) instead of that the page can only be > accessible > only from : > 1) www.OtherWeb1.com/welcomeuser.asp > 2) www.OtherWeb5.com/ > > How can I do this? Please suggest. > > Thanks > Prabhat > > "Kyle Peterson" <kyle***@hotmail.com> wrote in message Can you post one small code fragment of that server veriables check please.news:#FJlbhTbGHA.4912@TK2MSFTNGP05.phx.gbl... > ahh opps.. misread question, sorry > > you can check the server variables for the domain in question and allow or > not allow access based on the one the person is viewing the site with > > Prabhat Prabhat wrote on 01 mei 2006 in microsoft.public.inetserver.asp.general:
> Suppose I have one website www.mywebsite.com and I have one page in [1]> this site as "myrestrictedpage.asp". > > The page "myrestrictedpage.asp" should NOT be accesible from the > hosted website (www.mywebsite.com) instead of that the page can only > be accessible only from : > 1) www.OtherWeb1.com/welcomeuser.asp > 2) www.OtherWeb5.com/ > You can do this rather safe by having the second server have an asp file, that datamines the rendered html[+clientside script] from a secretly named file on server 1. See <http://www.aspfaq.com/show.asp?id=2173> How do I read the contents of a remote web page? As an extra measure the secret file could be restricted by if request.servervariables("remote_addr") <> "IPofFirstServer" then response.end end if ============== [2] Or you can do this by redirecting the client's browser to the then nonsecret file on server 1, where that latter file checks the referrer. if Request.ServerVariables("HTTP_REFERER") <> "123.456.789.123" then server.transfer "/404.asp" then This referrer [mind the double rr and single r bug in ASP] business is not absolutely safe, I think. ============== [3] Working with passwords that go through the client is futile securitywize, unless you use one-time passwords generated by one of the servers and requested directly by the other, like in [1]. The generated password can be stored in an application variable and destroyed upon first request. A collision with two near simultaneous request is possible. -- Evertjan. The Netherlands. (Please change the x'es to dots in my emailaddress)  |
|||||||||||||||||||||||
Other interesting topics