Prevent user from accessing any page directly without Login ?

[Luqman]

How can I Prevent user from accessing any page directly without Login ?

User should not be able to by pass the Login screen by typing the Url of any
page directly.

I am using ASP.Net 2.0 with Visual Studio 2005.

Best Regards,

Luqman

 

[David C. Barber]

One way would be to place a logged-in valid value in your Session object for
this user. Each page checks the Session object for this value, and
redirects to an error page if it's not set correctly. Each user has a
unique Session object in ASP .NET.

 

[Guest]

Enable Roles and then for example in web.config

<authorization>
<allow roles="Customer, Administrator, Inactive"/>
<deny users="*"/>
</authorization>

hth

 

[Guest]

Not to sound like a corrupt MP3, but you can get all this information with
example code by following the QUICKSTART samples. These install with either
Visual Studio, or the .NET Framework., and you can also view online at the
asp.net web site.
Peter

 

[Steve C. Orr [MCSD, MVP, CSM, ASP Insider]]

The typical solution is Forms Authentication, which is built into ASP.NET.
Here's more info:
http://www.dotnetbips.com/articles/2fdd29a0-9313-4439-9e24-4e2a9f2cb897.aspx
http://www.dotnetbips.com/articles/8de08fdb-1150-47f5-9831-133dd25b308b.aspx

Combine that with the new login controls of ASP.NET 2.0 and you've got
pretty much everything you need with virtually no code required. Here's
more info on that:
http://SteveOrr.net/articles/SecureYourSite.aspx