John Jansen, one of the FrontPage testers, sent me these three different ways to password protect pages in FrontPage.
Using a FrontPage site template and ASP
Using Code Snippets
Using ASP.NET
To password protect pages using a FrontPage site template and ASP
Here are specific steps to password protect pages using features built into FrontPage:
- From the File menu, click New.
- From the Web Site tab, select FrontPage Server Templates from the first list, and then select Database Interface Wizard from the second list.
- Type the location where you want to put your password protected page. This must be an Windows Web server running IIS.
- Click OK.
- In the Wizard…
- Click Next to create an ASP solution.
- Click Next to use the default name for the connection.
- Click Next to use the default columns in the table.
- Click Next after the DB is created.
- Click Next to use the default table.
- Check the box to use a Database Editor.
- Click Next.
- Choose a password and enter it.
- Click Next.
- Click Finish.
- After FrontPage finishes building the site, all of the necessary code for password protecting pages has been generated. In order to protect any new pages, simply put the following code:
<!-- #include file=”login.asa” -->
<%
If Session(SiteId) <> true Then
Response.Redirect(“login.asp?requester=<!--insert page name here-->”)
End If
%>
above the <HTML> tag on any page and save as .asp.
To password protect pages using Code Snippets
Here are steps to create password protected pages using code snippets:
- Create a new site in FrontPage.
- Create a new page and switch to Code view.
- Delete all the code in the new page.
- Paste the following code as a code snippet.
<%
Username="user"
Password="pass"
' if any of the variables do not match, create error message
if Request.Form("login") <> Username or Request.Form("password") <> Password then
MsgErr = "<h3>Authorization Failed.</h3>"
Response.Write MsgErr
' if correct, set the session variable and proceed
Else
Session("someStringValue") = true
' redirect
If Len(Request("requester")) > 0 Then
Response.Redirect (Request("requester"))
Else
Response.Redirect "protected.asp"
End if
End if
%>
<html>
<head>
<title>Results -- Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
</head>
<body bgcolor="#FFFFFF">
<FORM ACTION="login.asp" METHOD="post">
<h3>Login</h3>
<TABLE BORDER=0>
<TR>
<TD ALIGN="right">User name:</TD>
<TD><INPUT TYPE="text" NAME="login" size="10" VALUE=''/></TD>
</TR>
<TR>
<TD ALIGN="right">Password:</TD>
<TD><INPUT TYPE="password" NAME="password" size="10" VALUE=''/></TD>
</TR>
<TR>
<TD><input TYPE="hidden" NAME="requester" VALUE="<%=Server.HtmlEncode(Request("requester"))%>"></TD>
<TD></TD>
</TR>
<TR>
<TD align="left"><INPUT TYPE="submit" VALUE="Login"/></TD>
<TD></TD>
</TR>
</TABLE>
</FORM>
</body>
</html>
- Save page as login.asp.
- Create a new page and switch to Code view (or do this with any page you want to protect with a password).
- Above the opening <html> tag, paste in the following snippet.
<%
If Session("someStringValue") <> true Then
Response.Redirect("Login.asp?requester=protected.asp")
End If
%>
- Save this page as protected.asp (or replace the requester text above from protected.asp to the page name you are protecting).
- Browse to protected.asp.
To password protect pages using ASP.NET
Here are steps to password protect pages using ASP.NET:
- Create a new page in your Web site and switch to code view.
- Select and delete all the code in the page.
- Paste in the following code.
<html>
<body>
<h1>Please Log In</h1>
<hr>
<form runat="server">
<table cellpadding="8">
<tr>
<td>User Name:</td>
<td><asp:TextBox ID="UserName" RunAt="server" /></td>
</tr>
<tr>
<td>Password:</td>
<td><asp:TextBox ID="Password" TextMode="password" RunAt="server" /></td>
</tr>
<tr>
<td><asp:Button Text="Log In" OnClick="OnLogIn" RunAt="server" /></td>
<td></td>
</tr>
</table>
</form>
<hr>
<h3><asp:Label ID="Output" RunAt="server" /></h3>
</body>
</html>
<script language="C#" runat="server">
void OnLogIn (Object sender, EventArgs e)
{
if (FormsAuthentication.Authenticate (UserName.Text, Password.Text))
FormsAuthentication.RedirectFromLoginPage (UserName.Text, false);
else
Output.Text = "Invalid login";
}
</script>
- Save the page as loginpage.aspx.
- Create a new page and switch to code view.
- Select and delete the code in the page.
- Paste the following code into the new page.
<configuration>
<system.web>
<authentication mode="Forms">
<forms loginUrl="LoginPage.aspx">
<credentials passwordFormat="Clear">
<user name="Bruce" password="Batman"/>
</credentials>
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
- Save the page as web.config.
And that’s all there is to that. Any aspx pages in the same folder as the web.config file are protected.
