global.asax Protect Page

How can I protect a Page in Global.asax to prevent direc access like http://yourapp/Login.aspx, so that you开发者_StackOverflow中文版 need to log before you can get through that page.

You can use Forms Authentification for that:

http://www.asp.net/security/tutorials/an-overview-of-forms-authentication-cs

In web.config you can specify access level for each page

    <configuration>

        <system.web>

        <authentication mode="Forms"/>
        <authorization> <deny users="?"/>  //this will restrict anonymous user access

        </authorization>
        </system.web>

        <location path="register.aspx"> //path here is path to your register.aspx page e.g. it could be ~/publicpages/register.aspx

            <system.web>

                <authorization>

                <allow users="*"/> // this will allow access to everyone to register.aspx
                </authorization>

            </system.web>

        </location>

    </configuration>