How to Secure my default.aspx page
-
HI: I have a website in Website1 folder that require user to Login first then directed to default.aspx page. If user try to copy "http://localhost/website1/default.aspx. How can I prevent user from copy my default.aspx onto the URL to bypass the Login.aspx page first. Thanks in advance, Eyungwah
-
HI: I have a website in Website1 folder that require user to Login first then directed to default.aspx page. If user try to copy "http://localhost/website1/default.aspx. How can I prevent user from copy my default.aspx onto the URL to bypass the Login.aspx page first. Thanks in advance, Eyungwah
Turn off anonymous access and then the page will auto re-direct to your login page if you are doing forms authentication. A sample web.config is below. The deny user="?" is what will deny anonymous access. The loginUrl is what will redirect to your login page. Hope that helps. Ben
-
Turn off anonymous access and then the page will auto re-direct to your login page if you are doing forms authentication. A sample web.config is below. The deny user="?" is what will deny anonymous access. The loginUrl is what will redirect to your login page. Hope that helps. Ben
Thanks Ben for your replied. It works but I have some other issue though. On my Login.aspx page I have a Hyperlink for PasswordRecovery.aspx page. The Link stop working. Is there an alternate solution to make this Link working in case user forgotpassword. Thanks, eyungwah
-
Thanks Ben for your replied. It works but I have some other issue though. On my Login.aspx page I have a Hyperlink for PasswordRecovery.aspx page. The Link stop working. Is there an alternate solution to make this Link working in case user forgotpassword. Thanks, eyungwah
Well, I guess what you would want to do is to create a new subfolder. In that subfolder you can have another web.config that has an allow statement so that "?" Anonymous users are allowed to access pages in that subdirectory. You can also put a location section with a path in it. So it is like Do the allow authorization stuff here Hope that helps. Ben