Roles Based Security and Server.Transfer

Discussion in 'ASP .Net Security' started by Nick Breau, Sep 30, 2003.

  1. Nick Breau

    Nick Breau Guest

    Hi All,

    I'm looking into a Security solution using ASP.NET and C# for an
    Enterprise level application. I would like to implement Role based
    security with authorization being performed via entries in the
    web.config file (non programatically, without having to call the
    ..IsInRole("blabla"); method.

    Evertying has been fine so far.

    However, I am also using a frontController (extending IHttpHandler)
    and all requests to the server pass throught my custom frontController
    and get redirected to the requested page via Server.Transfer.

    The problem is that the call to Server.Transfer seems to bypass the
    authentication for the page the user is being transfered to. I'm
    assuming this is probably by nature due to the way server.transfer
    works. Response.Redirect is not an option due to performance reasons.


    Does anybody have any suggestions or work arounds for this problem ?
    So far it seems to me like I've hit a major roadblock.

    thanks,
    Nick.
    Nick Breau, Sep 30, 2003
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Nick Breau

    Roles Based Security and Server.Transfer Problem

    Nick Breau, Oct 1, 2003, in forum: ASP .Net Security
    Replies:
    0
    Views:
    102
    Nick Breau
    Oct 1, 2003
  2. Jéjé
    Replies:
    0
    Views:
    232
    Jéjé
    Sep 27, 2005
  3. Eric
    Replies:
    0
    Views:
    190
  4. Kursat
    Replies:
    1
    Views:
    310
    Dominick Baier
    May 7, 2007
  5. Jim
    Replies:
    1
    Views:
    870
    Aaron Bertrand - MVP
    Jan 28, 2004
Loading...

Share This Page