Hi,

I m designing a web application. In this user can access other pages if he has login. But if a user know the url of the other pages he can directly use that particular page without login. I mean, for say //localhost/manju/aa.aspx . So here what i want if anyone type url of my any page in the address he should be redirect to my login page (if he has not login)

Hope u people will help me in this

just while the person logins please keep a session variable which stores the userid and on each page you just check for this session validity

/// at the time of login ----
//validate the user for proper login and get the userid

Session["UserId"] = userid;

/// on each page ----- this passes the session to the function

chkValidity = new CheckValidity();
if(!(chkValidity.CheckSessionValidity(Session)))
{
Response.Redirect("Login.aspx?LoginAgain=1");
}

/// make a function like this
/// this function validates the session variable fo userID



public bool CheckSessionValidity(HttpSessionState HttpSession)
{
if (HttpSession.IsNewSession)
{
return false;
}
//This is the code to check that the session variables have been correctly set on the page
if (HttpContext.Current.Session["UserId"] == null )
{
return false;
}
return true;
}

moved to asp.net forum

You can also use a web.config file per directory to allow access to resources based on role or username. Look at a standard web.config and it will show you the specific info.

HI,
bBest and simple solution is implementation of Forms authentication.
You don't have to maintain the session variable on every page.

In case you have role based access, you must have to have a seperatte security implemataion.
thanks