Printable View
I have a six page web site. To enter the site a user needs to enter a userid/password. How can I stop someone from entering the site by bypassing the password page and going directly to another page. Say if someone were to email someone else the URL of one of my pages. Could I use a session variable to verify that they put in a proper userid/password? Or is there another way?
thanks,
eye
during the page_load check for a session varaible that you can set when someone logs in. if the value is wrong/false/whatever, just redirect to login
Or just use cookies. If they have the cookie, they can get in, if not they can be redirected to the login page.
Or use the web.config to redirect to the login for specified pages. Read up on forms authentication in the sdk docs. It's an excellent way of protecting pages.