You want to prevent users from accessing certain pages unless they have first authenticated themselves with a custom login page.
Implement forms authentication. You must create the login page, but ASP.NET keeps track of a user’s authentication status.
Forms authentication is a flexible security model that allows you to prevent unauthenticated users from accessing certain pages. You write the code that performs the authentication, and ASP.NET uses a cookie to identify authenticated users. Users without the cookie are redirected to a login page when they try to access a secured page.
To implement forms authentication, you must take these steps:
Configure forms authentication using the <authentication> ...