asked on

How do I prevent a user going directly to page without login?

I am using vs2005 and visual basic. I am implementing login with the login controls. I have a default welcome page which contains some links to other sites and a button to go to a form page. The form page requires login authentication. I do not want all users to login before getting to the default page. Only if they want to get to the form page. I have set it up to do that now. However.... A user can type the url of the form page in and go directly to it, bypassing the login. How do I prevent this from happening and also allow the default page to be displayed to all users. Her is my web config....
Thanks,
John

<authentication mode="Forms"/>

<authorization>
<allow roles="Admin"/>
<allow users = "*" />
</authorization>

adymono

add to webconfig after the
<configuration>
tag:

<location path="defaultpage.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>

this will allow all users to see defaultpage.aspx

Sashi Rachabattula

Place your other login authentication. files in new folder
and create a new web.config file in that folder
if user is not autherized its redirect to login page

<system.web>
<authentication mode="Forms">
<forms loginUrl="logon.aspx" >
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>

ASKER CERTIFIED SOLUTION

leachj

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Tom Knowlton

John:

You can go to customer support and request that they mark this question as "Programmer Answered Question" (if that applies) and you'll get your points back.

Vee_Mod

Closed, 500 points refunded.
Vee_Mod
Community Support Moderator