I have a web application that has like loginUrl="Index.aspx"
and like defaultUrl="list.aspx"
.
This works fine, because once I have the Index.aspx
and expect the user to log in, I manage to get the page list.aspx
.
The problem is that if I directly put the URL of list.aspx
, I can open it without going through Index.aspx
.
How can I block access and that only once after having gone through Index.aspx
the page list.aspx
it is displayed?
Thank you very much in advance.
Here is part of me web.config
:
<authentication mode="Forms">
<forms loginUrl="Index.aspx"
slidingExpiration="true"
defaultUrl="list.aspx"
timeout="600" name=".Auth"
protection="All"/>
</authentication>
You must add an authorization in
Web.config
it with the following command:I leave you this link where you can see more info about it: Setting authorization