This page was written by Christopher Spry. This method uses Microsoft's 'active server pages' to provide a script to check the password before opening a password-protected 'page' on a Microsoft web server. This guide applies to both 'FrontPage'98' and 'FrontPage 2000'.
You will make three pages - a page where the password is entered, a page where the password is entered again if it was entered incorrectly and a 'protected' page on a Microsoft web server. In the example used here, they are called 'password_enter.html', 'password_enter_again.html' and 'password_protected.asp', respectively. Note that the 'protected' page contains a script that can only be run on web servers, such as Microsoft's 'IIS' servers, that supports 'active server pages' or 'asp'. The first two pages, where the password is entered, can be on any web server. It simply passes the 'password' to the Microsoft server which checks it with the 'asp' script, shown below.
(a) In 'FrontPage' open a new page. It will be called here 'password_enter.html'. In this page, a user will have to enter a password to access the second password-protected page called here 'password_protected.asp'. You will create the latter in (b). In the new page, click on 'Insert | Form | One-line Text Box'. Type in the left side of the box, just inside the dotted edge, 'Enter password:'. Select from the menu at the top of 'FrontPage Editor': 'File | Properties' and in the 'Title' box enter 'password entry' then 'OK'. Right-click inside the space in the 'one-line text box' you made earlier (the space where users will enter a password) and scroll down to 'Form Field Properties'. In the 'Name' box, enter 'pwfield', click Password field 'Yes' to give asterisks on screen instead of an entered password, 'OK'. Right-click in the empty text box again and scroll down to 'Form Properties'. Click on the radio button for 'Send to others' then click 'Options' and in the 'Action' box type the name of the file that will be password protected, giving it the suffix 'asp' instead of 'html. If it is in a different directory from the file you are currently editing (password_enter.html), include the name of the server and directory also, starting at the 'web root' directory. In this example, it is on a Microsoft web server at http://sprynt.sghms.ac.uk' in the web's directory '/computing', so I entered 'http://sprynt.sghms.ac.uk/computing/password_protected.asp'. Save the file you have just finished editing as 'password_enter.html'. In addition, make a copy of this page with a line saying 'The password you entered was incorrect'. and save it in the same directory as 'password_enter_again.html'.
(b) Create a new file in 'FrontPage' on the Microsoft web server. In my case it was on the Microsoft web server 'http://sprynt.sghms.ac.uk' in the web's '/computing' subdirectory. This will be the password-protected file. In 'FrontPage Editor', select the tab at the bottom called 'HTML'. Copy the following script and paste it into the page above the first 'html' tag on the page:
<%
pagePassword = "pass"
passwordForm = "password_enter_again.html"
IF Session("pwfield") <> pagePassword THEN
IF Request.Form("pwfield") =
pagePassword THEN
Session("pwfield")= pagePassword
ELSE
Response.Redirect(passwordForm)
END IF
END IF
%>
(Include the '<%' and '%>' lines.) Edit the word "pass" to provide the password for this page. Edit the word "password_enter_again.html" to provide the name of the web server and second file which you made in (a) if it is different. In my case it was 'http://sprynt.sghms.ac.uk/computing/password_enter_again.html'. Edit the rest of the page in the usual way, and save it as 'password_protected.asp'. Note: this script can be used in several pages using ‘Server Side Include' (SSI).
Now, using a web browser, open the file made in (a) and enter the password. This page passes the content of the box to the second password-protected page ('password_protected.asp'), which checks the password using the above script and assigns it a 'Session Variable' if it is correct. If is not correct, it opens the file called 'password_enter_again.html', for the user to enter the password once more. If the user closes the browser which opened the protected page successfully, or the session times out, the user is required to reenter the password to open the protected file once more.
You can see how this works in a 'test' page here.
With acknowledgement to SiteCrafters, which provided the script and which is a source of other useful information on using ‘FrontPage’.
See also Instructions on setting up user/password and access control for
Return to the 'home page
Return to the 'computer index page'
© cspry@sghms.ac.uk. Department of Biochemistry & Immunology, St. George's Hospital Medical School, London SW17 0RE, UK. Phone +44 20-8725 5819; fax +44 20-8725 5821. This page was updated on 27 January 2002 11:30:53.