after login...
put a condition in your pageload event...like this...
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Session["User"] == null)
{
Response.Redirect("login.aspx");
}
}
if (Session["SessionId"] == null)
{
Response.Redirect("login.aspx");
}
Response.Buffer = true;
Response.ExpiresAbsolute = DateTime.Now.AddDays(-1d);
Response.Expires = -1500;
Response.CacheControl = "no-cache";
}