The Active Server Pages Session object provides a quick way to password-protect your pages and force users to log in. The trick is to set a Session variable once the user has been authenticated and then check for the value of the variable at the beginning of each ASP page. For example, this script, session.asp, checks the password (“mypassword”) that is passed from the form. If the password is correct, Session(“loginokay”) is set to true.
<%@ Language=VBScript %><%if Request("password1")="mypassword" thenSession("loginokay") = Trueend if%><%if Not Session("loginokay") then %><%else%>Continue<%end if%>
In subsequent pages, such as showall.asp shown here, check the value of Session(“loginokay”) and either allow the person in or send the person to the login page.
<%@ Language=VBScript %><%If Not Session("loginokay") Then Response.Redirect "session.asp"End If%>You are logged in.