hiya

obviously the title, is nto detailed enough so here goes:

i want to make an initial page from where users can put username and password, and after that they can see exclusive pages, BUT

the other pages are sites that i have created in the past, so im not willing to change every single html/asp file so that they would take an new session variable to verify..

so i want to know, how can i make IE, and NS to show an, "access denied" whenever a user writes a deeper URL that the index one, .. can i do it from the IIS setting or something??
thanx:rolleyes:

My method would be to create a session variable, or write to a cookie upon logging in. Set the variable to something like "LoggedIn = true". Then create a page that checks that variable, or the cookie.

IF Logged in <> true then response.redirect(".........")

If you just use an include statement at the top of every page to include that file, it will execute that if statement first, and redirect off the page if the user isn't logged in.

I know you said you didn't want to change every page, but it's not going to take much to just copy in one include statement at the top of the page.

Above that, I would make sure you have an index or default page declared at every directory level, to keep people from browsing and seeing the directory structure.



<edit> Err....nm. I just realized you had said in your post that you wanted a server solution, using IIS. I do believe there is something that can be done, but I'm not much of a server-tweaking-type-kind-of-guy-dude. :)