Hi Guys
I have a asp.net 4.0 application with login screen
http://localhost/WST/Forms/Frmlogin.aspx
i store my login id in the class file variable inside my application
i want to avoid login to the appliction without going throug login screen by putting
its url directly like this
http://localhost/WST/Forms/TeacherList.aspx
this links works if anybody put it on url area directly,by passing my login screen
how can i avoid this type of situation in my web application
thanks
regards
sumith
On each page you should check whether the user has already logged in. If not, redirect to the login screen.
In forms base authentication for asp.net, you could also control access by using authorization rules in the web.config file.
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.