One of the questions I am often asked is “How can I integrate ASP.NET security with Classic ASP other non-ASP.NET URLs?”.  Specifically, people want to know if they can integrate ASP.NET’s Forms Authentication, Role Based Security, and URL Authorization features with Classic ASP, PHP, JSP, .HTM, .JPG and other non-ASP.NET URLs.

The good news is that this is pretty easy with ASP.NET 2.0 and IIS 6.0 today, and will get even easier in the IIS 7.0 timeframe.  The below blog post demonstrates how to integrate ASP.NET 2.0’s Forms Authentication and Login/Membership features with classic ASP and static .HTML files.

For a much more detailed walkthrough of how to achieve this (as well as how to integrate features like ASP.NET role based authorization with classic ASP applications), please read Chapter 6 of Stefan Schackow’s excellent ASP.NET 2.0 Security, Membership, and Role Management book. Read more

via: http://weblogs.asp.net/scottgu/archive/2007/03/04/tip-trick-integrating-asp-net-security-with-classic-asp-and-non-asp-net-urls.aspx