Stage 1 - Overview.

Essentially there are very few things to consider

1. unique way of identifying the user
2. persisting that user throughout the click stream
3. can/cannot use cookies

___________________________________________________

Cookies?

Now, if cookies ARE allowed, then #2 can easily be done by cookies. If not you have to use only the querystring & hidden form fields. Which means creating a simple function that will allow you to build valid querystrings (with your given param's it will make sure the unique identifier is in the string), and always remember to add the hidden field to your forms.

Unique Identifier

(Continue)

___________________________________________________

This is an introduction for State/Session Management 

Stage 2 - COM Introduction

These next two Stage's we will focus on the technology aspect. For simplicity sake (and since this site is dedicated to ASP) we will stick to ASP and COM for the implementation. Also, this article describes the situation where we do not depend on the client side support for cookies. Thus it is fully scaleable (no session object) and 100% compatible with every browser.

Essentially what causes most people the biggest headache's is the COM layer that I introduced in the previous article (Stage 1 - Overview). This is the layer which will be the main focus of this Stage. The final stage (State 3 - ASP Implementation) will cover the actual implementation in an ASP/IIS environment. It is assumed that you do have minor COM/COM+ experience and are familiar with Visual Basic.

Lets get started.

Step 1: Database

1. Open up your favorite DBMS product (SQL Server, Access, any ODBC compliant database will do)
2. Add your user table This is pretty open to your customization, but we will assume you will have at least these fields:

   fieldname	datatype	size	autonumber
   userid	integer/numeric	4/8	yes
   username	varchar/text	150	no
   password	varchar/text	150	no
   accesslevel*	int	150	no

3. If you wish you can also create an index on the userid, username, and password fields (optionally) because they will be the most used fields

(Continue)

___________________________________________________

This is an introduction for State/Session Management 

Stage 3 - ASP Implementation

You will need a couple of helper functions for this method of state management. All of these functions could be in one include file and included on each page you want to check for authentication.

1. the login function
   • this will do the login work and authenticate the user
   • here is where you will decide if your allowing the anonymous user to proceed
   • in your user database you could use a field "registered" to
   • indicate this status or even "accesslevel"
   • where if accesslevel = 0 then its anonymous and you could pre-defined levels of access to each user 1 = normal dot - com user 2 = internal employee account 3 = system administrator etc...
   
   
2. generic querystring builder helper function
   • take two parameters
   • one parameter is the typical name/value list similar to a normal querystring
   • the second param. is the valid UUID
   • only this function performs an INSTR on that string, and makes sure a valid UUID is contained within
   • pass back a valid string which contains that users UUID
   • this fuction will have to be caled for EVERY link that is built
   
   
3. generic hidden form field builder helper function

(Continue)

Next: Great Free ASP Code Sites

A terrific place to find out about the family and other related areas.
_______________________
EDA, Inc.

An Engineering Site with information about all engineering disciplines and many different free calculators.

All American Shopping.com

Find the best bargains with over 1000 stores to shop at.

Computer Stuff

Find anything you want in the computer sales area.