dash
Reputation: 65
How to deny direct access to page
how can I deny direct access (by typing the full url) to pages in asp.net, without using roles in web.config something simle. I've used :
if (Session.IsNewSession)
Response.Redirect("Default.aspx");
the problem with it is in the first time everything is ok and the redirect is working, but if I open a new tab in the same browser and enter the url again it fails. How can it be solved? thanx
Upvotes: 2
Views: 1324
Answers (2)
Jomy John
Reputation: 6528
Using session you can solve this issue.
Build an HttpModule and in context_BeginRequest you can get the current URL . Later conditionally redirect to the default page.
public class RedirectionModule : IHttpModule
{
void context_BeginRequest(object sender, EventArgs e)
{
//this user already already eligible to go inside page ?
if (Session["eligible-to-go-inside"] == null)
{
//new user
//check current request url is default.aspx
//if not forward to default page
}
}
}
in default.aspx page if the user full fill the requirement to go to inner page (like logged in) then set
Session["eligible-to-go-inside"] = "yes";
Upvotes: 0
coder
Reputation: 13248
Try this:
Page 1
Context.Items.Add("somevar","someval");
Page 2
if ( Context.Items["somevar"] == null )
{
// the page is not redirected from Page 1
}
Upvotes: 3
Related Questions
- Restrict user access using session - ASP.NET
- Restrict access to some .aspx pages
- how to use session to avoid some user to view some pages?
- Session check deny page access ASP.NET
- Deny access to html page
- Temporary disallow access to certain page
- How do I restrict direct access to an ASP.NET web page?
- How to deny access to some pages in Asp.Net applications
- Preventing non-logged in members from accessing a certain page
- Asp.Net deny access on certain pages to users