A User CAN Browse Your Web-Pages Anonymous Or as an Authenticated User. This is set in the web.config of your site.
By default every user can Browse any page. If you want to know who is requesting, deny the access to unknown users
Now Every User Has to Be Authenticated to View a page Basis by adding sections to the web.config
Take a Look at the asp.net forums app to get an idea how to use. In a forum everybody can Browse and read the post you have to be authenticated to (react on a) post.
ASP.NET has several ways of authentication built in:. Windows integrated, Passport and forms Using forms authentication the user is forced to a login page before visiting a page This login page is also set from the web.config file.
On the login page the user enters a username and password which is supposed to be validated against the one or the other. When approved the code will set an authorization cookie. With this cookie the user can visit all pages shielded off without having to log in Again and Again. When the cookie the login will Persist over sessions. (Remember Me) .But Nothing forces You to Pop Up A form. ASP.NET DOESN'T Care As Long As the cookie is set. you could Do this for instance
private void AuthenticateHere_Init (object sender, System.EventArgs e) {if (isValidAddress (Context.Request.UserHostAddress)) {System.Web.Security.FormsAuthentication.SetAuthCookie (Context.Request.UserHostAddress, false); string redirectUrl = Page.Request .QueryString ["ReturnURL"]; if (redirectURL! = Null) {page.response.redirect (redirectURL); page.Response.end ();}}}
Right in the start of the pages lifecycle, in the init event of the page the cookie is set. Why the user deserves an authentication cookie is up to you, here I use a custom method IsValidAdress. After setting the cookie the response is ended and the app is redirected to the page requesting the authentication. FormsAuthentication passes the url in the querystring. in the browser toolbar you will see the Authenticate page being hit, on a succefull authentication the visual page itself jumps directly to the page requested in the querystring.
.............................
Peter
