Authorization in ASP.NET
You can protect your website pages from an unauthorized user that can harm your site. You can redirect any unauthorized user to login form by doing some changes in web.config file.
You can protect your website pages from an unauthorized user that can harm your site. You can redirect any unauthorized user to login form by doing some changes in web.config file. Suppose in your default page, you have added a hyperlink of employee detail and you want to restrict the unauthorized user and redirect unauthorized user to login form. First, You should create a folder with specific name after that add those pages you want to protect from unauthorized user. After adding pages you must add a web.config file in the folder because web.config file decide which user can redirect to employee detail page or which not.
Step 1: Add hyperlink in default.aspx page
Default.aspx
<%@ Page Title="Home Page" Language="C#" MasterPageFile="~/Site.master" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<asp:Content ID="HeaderContent" runat="server" ContentPlaceHolderID="HeadContent">
</asp:Content>
<asp:Content ID="BodyContent" runat="server" ContentPlaceHolderID="MainContent">
<asp:HyperLink Text="Employee Details" ID="idhyperlink" runat="server"
NavigateUrl="~/Detail/Employee_page.aspx" ></asp:HyperLink>
</asp:Content>
Step 2: Add folder in your application and named that folder Detail
Step 3:Add a page in Detail folder by right clicking the mouse and select Add New Item option.
You will see Add New Item Dialog box select Web Form and named that form Emplyee_page.aspx after that click the add button to add Employee_page.aspx in Detail folder.
Step 4:Add a Web.config file in Detail folder. Authorization refers to the process to identify which resources are allowed to access to user. The configuration file denies access to anonymous users using '?'.
Detail/web.config
<?xml version="1.0">
<configuration>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</configuration>
Now, I debug my application. Internet explorer show Default.aspx, there is an Employee Details hyperlink on Default.aspx page if you click on that hyperlink you will automatically redirect to Log In form to know that you are authorized user or not after file that form you can see Employee_page.aspx otherwise not.
Default.aspx on internet explorer
After clicking on Employee Details link page redirect to Login form.