Restrict default anonymous login to authentication(very challenging to me! )

hey guys,
i need your helps!!!

There are some applications in my homepage such as bookmarks, Files, Activities… can be accessed by anonymous.

For example,
I log on to my page and open the bookmark page. then, copy the link and log out.
i go to that bookmark page but i can still access it.

Some paths of my web site are default as public link too. Therefore, non-login(do not authenicated) users can access the link even though i log on to the page.
how can i configure the server to prohibit anonymous access of those applications.(IBM Websphere Application Server 8)
should i firstly consider .htaccess file ???

PLS help, i have no idea on it

–>(restrict default anonymous login to authentication)!


While notoriously insecure, you can use .htaccess to check the {HTTP_REFERER} to be the specific linking page before allowing access to the page you want to protect.

Betters ways may be to either put the protected page in a password protected directory (a major PITA for visitors) or fetch the page (from outside your webspace) via PHP or AJAX and present it IN the linking page.



thanks for answering me! NICE!
best regards,