You can try the old session asp way, it might be simpler. The way i do it in
asp is
security.asp
IF NOT AUTHENTICATED THEN
PAGE.REDIRECT to login.asp
login.asp
IF username AND password are correct THEN
Session("AUTHENTICATED")=TRUE
secure_page_1.asp
<!--#include file="security.asp"-->
secure_page_2.asp
<!--#include file="security.asp"-->
......
Now if they try to go directly to any of the secure pages they will be
redirected to the login screen as the session variable will not be set.
I like that because if i want to make some code available in all the pages i
put it in security.asp
"VK" wrote:
Hello:
This is an ASP.NET app - once user logs in using username and password
(kind of hard coded, since it is temporary solution) they have access to
a series of html files. What happens is that these html files are
accessible even without logging by trying in the url directly.
Is there a way to secure this folders, since these different html will
be in multiple folders?
I cannot use forms authentication since we have current website set up
as Windows auth.
Many thanks for your time.
*** Sent via Developersdex http://www.developersdex.com ***