There are a variety of ways to do this, depending on who you are "allowing"
or "keeping out" and which tools you have at your disposal.
1. Protect the directory in windows. This works well on an Intranet and will
prompt users who do not have access via a windows pop up box. This is NOT a
good option for an Internet site.
2. Add a config file to the directory in question that has authentication
and authorization sections set up. This alone will force the user to the
specified login page.
Now, if a regular login page is not an option (as you have stated), you can
either use a custom Membership provider, or you can fake it by using the
Membership piece and redirecting the user to a page as if they were logged
in.
'VB
FormsAuthentication.RedirectFromLoginPage(userName, False)
The second part (False) is whether to set a cookie. You might want this to
be true so the user can revisit the page over and over again.
You can also kludge up your own security, either by cookie or session, if
you so desire.
//C#
string sessionLogIn = Session["LogIn"];
if(sessionLogIn == null)
{
//usernot valid, send them to another page
}
else
{
//allow user to see page
}
Place on each page and set the Session["LogIn"] value on the page with the
questions.
If you can use Membership, it is potentially better, as it allows you to
reuse bits of the ASP.NET framework, but it may be overkill, especially with
a custom membership provider.
SPECIFICS INLINE
jaems said:
I want to keep some stuff just for certain web users using a secure folder
with id and password which I can set up via my web hosts control panel
If a visitor to my site needs to go to a page within this folder a login
window appears and they have to login
If I have a user who answers certain questions on one of the public page
on my site I need them to be able to enter the secure area directly
Is there any way to provide the credentials to get into the secure folder
with out invoking the login window?
You have the ability to log someone in without them supplying credentials.
That is the RedirectFromLoginPage() bits (see above). You make a login page
(your question page) without a login control.
As mentioned, you can also roll your own.