Roles Based Security and Server.Transfer Problem

N

Nick Breau

Hi All,

I'm looking into a Security solution using ASP.NET and C# for an
Enterprise level application. I would like to implement Role based
security with authorization being performed via entries in the
web.config file (non programmatically, without having to call the
..IsInRole("blabla"); method.

Everything has been fine so far.

However, I am also using a frontController (extending IHttpHandler)
and all requests to the server pass through my custom frontController
and get redirected to the requested page via Server.Transfer.

The problem is that the call to Server.Transfer seems to bypass the
authentication for the page the user is being transferred to. I'm
assuming this is probably by nature due to the way server.transfer
works. Response.Redirect is not an option due to performance reasons.


Does anybody have any suggestions or work arounds for this problem ?
So far it seems to me like I've hit a major roadblock.

thanks,
Nick.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,743
Messages
2,569,478
Members
44,899
Latest member
RodneyMcAu

Latest Threads

Top