Conditional Authentication Question

["Daniel E. Lehman" <del3@xxxxxxx>]

OK, so maybe the subject isn't worded properly, but here is what I would like to do.  I'm shopping for ideas.

We're running IIS using VBScript coded ASP pages.  We have a database driven, online directory where we have elected to hide e-mail addresses to prevent spambots from harvesting addresses.  Essentially, a link is present that takes the user to a form that the user can complete to send a message to the directory listee.  The problem is that all our addresses are hidden all the time.  We would like that to change.

I see two avenues - one is to display the addresses only to hosts within the Penn State IP space while the other is to use some sort of authentication.  I think the best way is to use CoSign, but I am running into a problem - it appears that CoSign is an "all or nothing" product - meaning if I want Penn State people to see the addresses I would need to create a duplicate set of directory pages that would be protected by CoSign leaving the original set of pages available to anonymous access.  What I would like to do is to code the page to look for the cosign cookie and if present, present a link to a pop-up page that would first check the validity of the cookie then display the address.  Is this possible?  Is there a better way that I haven't thought of?

-Dan

===================================
Daniel E. Lehman
Facilities and Network Coordinator
Penn State Materials Research Institute
196 MRI Building
Innovation Park
University Park PA 16802

814-865-1516
del3@xxxxxxx
http://www.mri.psu.edu
===================================