Using forms authentification, when a user is not logged in to the web site the code below can be used on the page load event to redirect them to the login page.
Question is do I have to add this on each page or can I do this in one place and instead add pages that dont need a logged in status to be viewed(like the start page, login page).
Thanks
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
You can make a class with this function and you can call it in the masterpage . If you don't use a masterpage , yes , you have to call it in everypage . Recomandation : Use masterpages ( more about them look here http://www.asp.net/Learn/m
I do use masterpage and yes the section:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" defaultUrl="Default.aspx" />
</authentication>
..is there allready.
But I can still go to any page without being loged in, besides I need to have a few pages that are open for all.
So if I want to use the master page to do this how would the code look like and in what event in masterpage, same thing as I did on the single page?.
Also you have mentioned that you need to allow anonymous access to certain pages.
Create a folder. for ex. "Folder1" and include the following section in web.config just before </configurations>
<location path="Folder1">
<system.web>
<authorization>
<allow users="?,*"/>
</authorization>
</system.web>
</location>
If you wan't for any individual files you have to create individual <location> tag to the path specifying the filenames.
I went to the ASP.net configuration site, it added the:
<authorization>
<deny users="?" />
</authorization>
..section and now it seems to work, will try the 'location' thingy also, I'll be back soon.
Maybe it was that the '<allow users="*"/>' should be below deny I guess the order is important, if its needed at all in this case that is since everything thats not = ? is a logged in user.
I went with making the whole site allowed for anonymous users (since the permissions are inherited) and made a folders for member where I have the pages needing login.
This is working fine, strange thing is that there is no <authorization> or <location path> section in web.config, I guess this is stored in the sql server db using the <roleManager>.
Comfirm if you know it works like that please.
Thanks for your help
Business Accounts
Answer for Membership
by: VikramMullickPosted on 2009-05-01 at 00:41:21ID: 24277235
You can use a master page or user control, then you need not use it in everyplace.