  
// ************************************************************
//			SAINTlogin (c) www.saintlogin.com
//
// Implementation files for ASP (Windows, IIS) web servers
//	release 1.0
// ************************************************************

Thank you for downloading the SAINTlogin implementation files, 
please follow these directions to setup a test access page on ASP/Windows IIS Webserver.

- You may need to have an FTP access to the directories of your web pages.
...

- Make sure IIS is correctly installed and functional on your Server.

- Download and install the MSSOAP 3.0 Toolkit on the server, it is needed to access SAINTlogin Webservice
  MSSOAP 3.0 is available free at this address
  http://www.microsoft.com/downloads/details.aspx?FamilyId=C943C0DD-CEEC-4088-9753-86F052EC8450&displaylang=en

- Unzip the downloaded SAINTlogin file, make sure you unzip with full path extraction, you
should have these directories extracted to the desired web folder

	-test_site
		-_ScriptLibrary
		-images

- Copy these files, maintaining the directory structure, to your website root directory, 
using either FTP or copy (if you have direct access to the server).

######CONTENTS######

- The test_site directory contains a prototype login page named "saintlogin_access.asp". 
You can customize this page as needed, it will be the login page to your SAINTlogin protected site.

- The _ScriptLibrary directory contains the interface files needed by the MS/ASP 6.0 development environment requires

- The tutorial images directory contains just the sample images of the index.asp protected page

######TESTING######

- To test the implementation, just use a browser, point to your website,and have access to the 

			"saintlogin_access.asp" page,

(for example typing as address : www.yoursite.com/test_site/saintlogin_access.asp)

(Please have your Internet Explorer or Netscape updated to the latest version available !)

After pressing the login button, in a few seconds you should see an image displaying a number.
Call this number using a cell-phone, if registration was not made, you should be redirected to the 
"noaccess.asp" page.

-Now register to a demo service using your cell-phone at the following link 

	http://www.saintlogin.com/SAINT_WS/saintregistration.php

(You will be prompted to send an SMS containing a pass-code to a number displayed)

-After registration has been made, and the required SMS sent, retry login at the 
"saintlogin_access.asp" page, if the browser is automatically redirected to the 
index.asp page then...
 
...Many Compliments ! You have successfully installed SAINTlogin !

--Please note, the index.asp page is protected by session variable setting, 
this means that if you try to access the index.asp page when not ganted by SAINTlogin, 
you will be redirected to the access page.

This means that the contents of the index page is not available until successfully logged in.
Any asp or htm page in your site can be protected by adding these few lines of code at the top
of the document source


<%@ Language=VBScript %>

<%
' ...THIS IS A SAMPLE SAINTLOGIN PROTECTED PAGE....
'
' INSERT THIS CHECK AT EVERY PAGE START IN YOUR ASP CODE
'
' YOUR CODE CAN USE THE Session("Saint_admin") sesison variable to detect if user
' has been successfully validated and granted access by SAINTlogn...
'
' If User has not been validated or is not granted access redirection 
' to the saintlogin access page occurs here !
'

if Session("Saint_admin")<>"granted" Then
	Response.Redirect("saintlogin_access.asp")
end if

%>




######CUSTOMIZATION######

- There are 4 pages which you can modify that represent the standard SAINTlogin replies :

If the behaviour of the prototype pages is kept as original, the SAINTlogin scripts here provided
will automatically redirect to one of these pages, passing to them the values indicated here 
between '<' and '>' :

* IF user has not been registered (not known) his browser is automatically redirected to
	"noaccess.asp?number=<caller id>"


* IF user has been correctly validated (recognized) his browser is automatically redirected to
	"index.asp?Number=+<caller id>&nick=<nome utente riconosciuto>"

* IF timeout (SAINTlogin has been waiting call for more than 50 sec) his browser is automatically redirected to
	"timeout.htm"

* IF NO CALLER ID has been received with the call his browser is automatically redirected to
	"nocaller_id.htm"


Please note that you won't be able to access the 'index.asp' page unless correctly validated by SAINTlogin !

----------------------------------------------------------------------------------------------------------------------


-For the purpose of protecting your site, may also need to make minor modificaions to this file :

		saintlogin.asp

In this file the following function can easily be modified :

function WaitForCall( PhoneID )

in which a call the SAINTlogin Webservice is made to check for a valid call received.

To set your global variables needed for user/session identification, just check the 'theResult' variable 
and grant your user or not setting a session variable and an optional cookie for user 
identification during session.

You may simply add your required code to this 'if' statement :


'-----------

if Left(theResult,8)="noaccess" or Left(theResult,7)="timeout" or  Left(theResult,11)="nocaller_id"  Then
	'  No access for this user !!! 
else
	if Left(theResult,5)="index" Then
	' User has been recognized !
	' Set YOUR USER Session variable
	' Set YOUR COOKIE if requested
	end if
end if

'-----------



THAT'S ALL... FOLKS !!!

If support is needed contact us at support@saintlogin.com , thank you !