Password Protecting Folders?

[praveen100]

how do i password protect folders in my site. using asp.

i run win2000 server

please no cgi..

thanks..

[mulletboy2]

Do you mean using ASP password protection, or do you have access to create windows users and use a domain login?

If you have an ASP application (i.e use of global.asa, you can use a session_onstart/onend and application_onstart/onend to direct to login pages and set the usernames and passwords. You could use a database to store usernames and passwords, or you can hardcode your username and password into a login page, set a session variable to say they're logged in, and check in every page to make sure the session variable is set.

Can you give any more details? Some methods are preferable over others for security/maintainability

[praveen100]

what exactly i want it i have some 10-15 excel files which are meant for only members.

now i can just link them and ask them to see or download.

but the problem how do i protect excel files.

the user/visitor should enter a username and password to download them..

yes i use global.asa and i do not want to hardcode them..in to the asp files..


any idea?

ps. folder named excel should be protected and all its contents also

[mulletboy2]

I'd recommend a domain login then. You create it through IIS Snapin in mmc. You disable anonymous access to the resource, set which login type you want (bearing in mind that this IS crackable), and then any authenticated windows user can access the folder contents.