On Jun 26, 6:54 pm, Alex <A...@discussions.microsoft.com> wrote:
> We created a website for our customer to check their order status. We are
> using login controls, authentication mode="Forms", SqlMembershipProvider, and
> all asp.net security. User has to login when he access the website first time
> and then he can click Flash menu to go to every page.
>
> It is supposed to redirect to login page when user click the menu if the
> session is expired. But now user still can click the menu to go to every
> page. If we change the flash menu to text menu, it works fine. It looks like
> the flash menu has different session but asp.net doesn't recognize it.
>
> Anyone can help me to resolve this problem?

"Alexey Smirnov" wrote:

> On Jun 26, 6:54 pm, Alex <A...@discussions.microsoft.com> wrote:
> > We created a website for our customer to check their order status. We are
> > using login controls, authentication mode="Forms", SqlMembershipProvider, and
> > all asp.net security. User has to login when he access the website first time
> > and then he can click Flash menu to go to every page.
> >
> > It is supposed to redirect to login page when user click the menu if the
> > session is expired. But now user still can click the menu to go to every
> > page. If we change the flash menu to text menu, it works fine. It looks like
> > the flash menu has different session but asp.net doesn't recognize it.
> >
> > Anyone can help me to resolve this problem?
>
> <deny users="?" /> in the web.config file should help
>