Experts Round Table Network - Secure user authentication the "other" way...

Hi everyone, Heres a nut to crack for y`all..

This case is about security with a basic ASP app on something we all know about.. a unwilling hostingprovider.

I am setting up a ASP app for a Norwegian government bureau.
This site contains internal docs that can not be accessible to others than internal users of this bureau, and to them only if they use their internal network.
Due to internal communication problems the "tech" representative have asked me to set up their site at a perticular hostingprovider that has no understanding of users wish to make something a little out of the ordinary when it comes to security, and even tho they run IIS it`s impossible to make them do the obvious simple solution; Grant a few IPs access. (This is not even an opt as its prohibited to store these IPs in such an "unsecure" way as this host can offer, and thus this opt is not available for a ASP based sniff..)

So.. This case is about creating a secure site without the easy tools.. and all i am left with is insite coding, or magic..

I cannot:
-Create a new username/pw for each user as its about 500 of them, and most cant remember it anyway, or just don`t want to have another one.

-upload a list un/pw list matching the users internal users winlogins as that would be illegal.

So.. any ideas?

This site needs to be "secured" some way... Is my only opt to take up the fight with their IT dept?
I guess this could be made into a something something about what opts are available for user auth. please feel free to post.. it might not help me, but maybe someone else..

Btw; 500 pts and an "A" for anyone that posts... :sign5: