Do not allow access to defaultUrl in web.config file

Navigation
3

I have a web application that has loginUrl="Index.aspx" and% defaultUrl="list.aspx" .

This works well, because once I have the Index.aspx and I hope the user identifies, I get the page list.aspx .

The problem is that if I directly put the URL of list.aspx , I can open it without having to go through Index.aspx .

How can I block access and only once I have gone through Index.aspx the page list.aspx is posted?

Thank you very much in advance.

Here is part of my web.config : 

<authentication mode="Forms">
      <forms loginUrl="Index.aspx"
             slidingExpiration="true"
             defaultUrl="list.aspx"
             timeout="600" name=".Auth"
             protection="All"/>
</authentication>
    
asked by A arancibia 08.02.2016 в 19:11
source

1 answer

3

You must add an authorization in Web.config with the following command: 

<system.web>

<authentication mode="Forms">
</authentication>

<authorization>
    <deny users="?"/> <!--acá denegas el acceso a los usuarios anónimos-->
</authorization>

</system.web>

I leave this link where you can see more info about it: Setting authorization

    
answered by 08.02.2016 / 20:20
source
immutable div within a div content-editable Input type range does not show range