我想在ASP classic中开发一个网站,该网站对脚本控制下的数据库或密码列表使用HTTP身份验证.理想情况下,解决方案应该不涉及组件或IIS设置,因为脚本应该可以在托管环境中运行.
任何线索/代码深受赞赏.
解决方法
可以在纯粹的经典ASP VBScript中进行HTTP基本身份验证.
您将需要一些东西来解码base 64. Here is a pure VBScript implementation.您还需要确保在IIS配置中关闭“基本身份验证”和“集成Windows身份验证”,因为这些会干扰您在HTTP_AUTHORIZATION标头中返回的内容.
<%@LANGUAGE="VBSCRIPT"%>
<!--#include file="decbase64.asp" -->
<%
Sub Unauth()
Call response.addheader("WWW-Authenticate","Basic realm=""SomethingGoesHere""")
Response.Status = "401 Unauthorized"
Call Response.End()
End Sub
Dim strAuth
strAuth = Request.ServerVariables("HTTP_AUTHORIZATION")
If IsNull(strAuth) Or IsEmpty(strAuth) Or strAuth = "" Then
Call Unauth
Else
%>
<html>
<body>
<%
Dim aParts,aCredentials,strType,strBase64,strPlain,strUser,strPassword
aParts = Split(strAuth," ")
If aParts(0) <> "Basic" Then
Call Unauth
End If
strPlain = Base64Decode(aParts(1))
aCredentials = Split(strPlain,":")
%>
<%= Server.HTMLEncode(aCredentials(0) & " - " & aCredentials(1)) %>
</body>
</html>
<%
End If
%>
