Well this depends on how you have setup your Website security. If you use the .NET FormsAuthentication classes this is a relatively easy requirement to fulfil.
When a user logs on to your website you would do something similar to this:
FormsAuthentication.RedirectFromLoginPage([username], [true||false])
Now, the bool value is what you need to be concerned with, if it is set to true the runtime will create a cookie on the users PC that will presist for 50 years if it is set to false the cookie will only persist for as long as the browser is open.
With that said, as long as you dont give the user the ability to stay logged into your website (a poor useability choice IMHO) you can manually set this to false in all of your code. Now say you have a directory structure like this:
**root files
-->default.aspx
-->otherfile.aspx
**super_secert_directory**
-->super_secert_file.aspx
Lets say that the file super_secert_file.aspx is the page you dont want the user to directly link to once they have closed their browser what you need to do is add a web.config file to that directory that looks like this:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</configuration>
If a user links directly to this page (and you have not allowed them to persist their logon cookie) they will be directed to the logon page. What this web config file "says" is that all anonomous users are not allowed to view ANY file in that directory. So if you had, say, 10 files in there, a user who isnt logged on couldnt view any of them!
Again this is assuming you are using forms authentication and it is, by far, the fastest way to achieve what you are asking.
hth.
-------------------------
I will only tell you how to do it, not do it for you.
Unless, of course, you want to hire me to do work for you.
^^Thats my signature
Security Question
