**** nice clean code from http://www.qbt.com/TestLoginBAK.asp:

<%	Response.Buffer=True %>
<!--#include file="adovbs.inc"-->

<%

 On Error Resume Next

'	The variables LoginName and PWD are just HTML input fields from the login page.
'---------------------------------------------------------------------------

	UserLogin = Request.Form("Login")
	UserPassword= Request.Form("PWD")

	Session("DidUserLogin")=FALSE
'	Attempt a connection to the server.
'---------------------------------------------------------------------------

	Set Conn=Server.CreateObject("ADODB.Connection")
	Conn.Open "DOC",Request.Form("Login"),""

'	If Connection fails, redirect them to the Connection Fail page
'---------------------------------------------------------------------------

	If Err.Number <> 0 Then

		Response.Redirect("FailedLogin.ASP")
		
	Else
		'---Set the session variable that legitimizes the user here
		'---Session("DidUserLogin")=TRUE
	

	
'	is it the dbo, and if so let him go ( to user admin stuff)
'----------------------------------------------------------------------------
	tmpSQL = "exec spq_GetUserInfo" & chr(34) & UserPassword & Chr(34)
		Set Cmd_DocUsers=Server.CreateObject("ADODB.Command")
		Cmd_DocUsers.ActiveConnection = Conn
		Cmd_DocUsers.CommandTimeout = 60
		Cmd_DocUsers.CommandType = 1
		Cmd_DocUsers.CommandText = tmpSQL
	Set rsDocUsers=Cmd_DocUsers.Execute
	Set Cmd_DocUsers.ActiveConnection=Nothing
	Set Cmd_DocUsers=Nothing

	usertype = RTRIM(rsDocUsers("User"))
	rsDocUsers.close
	set rsDocUsers = nothing
	
	Session("UserClass") = "crap"
	response.write usertype & "   " & tmpSQL
	if rtrim(usertype) = "DocUser" then 
		Session("UserClass") = "peon"
		Session("DidUserLogin") = TRUE
	End if	
	
	if Session("DidUserLogin") = TRUE Then	
		Response.Redirect("Document.ASP")

	Else 
		Response.Redirect("FailedLogin.ASP")
	End if
	End If

'	Close Connection
'--------------------------------------------
	Conn.Close
	set conn = nothing
%>