您必须添加授权标记到您的配置文件并使用它来获得您想要的内容。这个链接可以帮助你：



http://www.aspdotnet-suresh.com/2014/03/how-to-restrict-access-to-particular.html [ ^ ]

i.e; am able to access page directly by specifying url

Below mentioned are the web.config and loginpage code files My requirement is only the users who successfully logins should access all the reports which are there in default.aspx else they should be redirected to logonsql.aspx

but by specifying the website/reportname.aspx in in url am able to access the report am just a beginner, please guide me. Thanks !

Logonsql.aspx.cs

protected void Logon_Click(object sender, EventArgs e)
{
    string connection = "Data Source=localhost;Initial Catalog=REPORTS;Persist Security Info=True;";
    SqlConnection con = new SqlConnection(connection);
    SqlCommand com = new SqlCommand("CheckUser", con);
    com.CommandType = CommandType.StoredProcedure;
    SqlParameter p1 = new SqlParameter("username", TextBoxusername.Text);
    SqlParameter p2 = new SqlParameter("password", TextBoxpassword.Text);
    com.Parameters.Add(p1);
    com.Parameters.Add(p2);
    con.Open();
    SqlDataReader rd = com.ExecuteReader();
    Session["username"] = TextBoxusername.Text;

    if (rd.HasRows)
    {
        rd.Read();
        //Server.Transfer("Default.aspx");
        FormsAuthentication.RedirectFromLoginPage(TextBoxusername.Text, false);

    }

    else
    {
        Msg.Text = "Invalid credentials. Please try again.";


    }
}
web.config :

 <system.web>
    <httpRuntime targetFramework="4.0" maxRequestLength="1048576" executionTimeout="3600"/>
    <identity impersonate="false"/>
    <authentication mode="Forms">
      <forms loginUrl="LogonSql.aspx" name=".ASPXFORMSAUTH"/>
    </authentication>
    <authorization>
      <deny users="?"/>
    </authorization>
    <roleManager enabled="true"/>
    <membership>
      <providers/>
    </membership>
    <httpModules>
      <remove name="WindowsAuthentication"/>
      <remove name="PassportAuthentication"/>
      <remove name="AnonymousIdentification"/>
      <remove name="UrlAuthorization"/>
      <remove name="FileAuthorization"/>
    </httpModules>
    <caching>
      <outputCache enableOutputCache="false" enableFragmentCache="false" omitVaryStar="true"/>
    </caching>
  </system.web>
  <system.webServer>
    <validation validateIntegratedModeConfiguration="false"/>
    <security>
      <requestFiltering>
        <requestLimits maxAllowedContentLength="1073741824"/>
      </requestFiltering>
    </security>
  </system.webServer>

You will have to add authorization tag to your config file and play with it to get what you want. This link should help you with that:

http://www.aspdotnet-suresh.com/2014/03/how-to-restrict-access-to-particular.html[^]