Have a look at ASP.Net Authorisation along with .Net forms authentication
http://msdn.microsoft.com/en-us/library/wce3kxhd.aspx[
^]
http://msdn.microsoft.com/en-us/library/ff647070.aspx[
^]
By combining the two, you can force all unauthorised users to have to login.
E.g in your web config...
<authentication mode="Forms">
<forms name="yourApplicationName"
loginUrl="~/LogOn.aspx"
path="/"
protection="All"
timeout="5"
slidingExpiration="true"
defaultUrl="~/Home.aspx"
requireSSL="false"
enableCrossAppRedirects="false"
cookieless="UseCookies"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
The
deny users ? element will stop all unauthorised users from accessing web pages, they will have to sign on first