Hi Guys

I have a asp.net 4.0 application with login screen
http://localhost/WST/Forms/Frmlogin.aspx

i store my login id in the class file variable inside my application

i want to avoid login to the appliction without going throug login screen by putting
its url directly like this

http://localhost/WST/Forms/TeacherList.aspx

this links works if anybody put it on url area directly,by passing my login screen

how can i avoid this type of situation in my web application

thanks
regards
sumith

On each page you should check whether the user has already logged in. If not, redirect to the login screen.

In forms base authentication for asp.net, you could also control access by using authorization rules in the web.config file.

 <system.web>
   <authorization>
     <deny users="?" />
   </authorization>
 </system.web>
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.