How do I prevent users from viewing a webpage directly by typing in its URL?

[swbaz]

What is an effect way to prevent users from viewing a webpage directly by
typing in its URL?

For example: If a default page is set up as a login screen with user name
and password.

The user types in correct information and clicks the submit button.

The next webpage comes up, displaying its URL. So what's to stop the user
bypassing the login screen next time around? I would like to show an access
denied message if this happens. Any suggestions?

S

 

[John Saunders]

What is an effect way to prevent users from viewing a webpage directly by
typing in its URL?

For example: If a default page is set up as a login screen with user name
and password.

The user types in correct information and clicks the submit button.

The next webpage comes up, displaying its URL. So what's to stop the user
bypassing the login screen next time around? I would like to show an access
denied message if this happens. Any suggestions?

You should look into Forms Authentication.

Otherwise, the only way to control what the user does in the browser is to
write your own browser.

 

[Jordan Marton]

Personally...

I have all of my aspx.vb pages derive themselves from a general template.
Now I know this isn't what you're asking, but in the template I have a few
public properties, one of them being AccessLevel. So basically, on each aspx
page, I define the access level and then it checks it based on user session
info. here is an example...

Private _accessLevel As String = "Not Set"

Public Property AccessLevel(ByVal pageLevel As String)

Get

Return _accessLevel

End Get

Set(ByVal Value)

_accessLevel = pageLevel

Select Case _accessLevel

Case "General"

'do nothing, no access needed

Case "User"

If Not Session("UserLoggedIn") Then

Response.Redirect("default.aspx")

End If

End Select

End Set

End Property



and then from each page in the Page_Load I say:

Me.AccessLevel="General" or "User" or "Admin" and that restricts the page
each time it is accessed!