stop user accessing home page directly

i have 2 pages in my application: Login.aspx & Home.aspx.

Now if user is not login, he should not access the Home.aspx from a web browser.

I know that is possible by session, but don't know how to implement the same.

let me know how to do tha开发者_StackOverflow社区t?

thanks!

i don't know exactly what do u want but here is a solution 1. create seesion variable after successful login like this

Session["username"] = textbox1.text;

1. after u created the session varible make use of

   Server.Transfer()

method in your code

That is the only way i know how to do it currently and good luck

The way I have handled this was to set a token on a successful log in. Then in the load event of each page I check to see if the token is set. If no token they get redirected. Depending on the nature of the app I either send them to a not authorized page or the login screen.

Usually I keep the token in session but if you wanted to allow a user to persist their login across sessions then a browser cookie should work as well.

You can create session after login with the method

HttpSession obj1=request.getSession();

Note that here this method is without arguments.

Now go to the servlet or jsp which is calling the homepage and create another session there with the method

HttpSession obj2=request.getSession(false);

Note that here I have taken an argument false which will prevent the user if he has not created session on login time, meaning he has not logged in.

Now put a check:

if(obj2.isNew()){ response.Redirect(loginpage url)}