Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Roles Based Security and Server.Transfer

Thread Tools

Roles Based Security and Server.Transfer

Nick Breau
Posts: n/a
Hi All,

I'm looking into a Security solution using ASP.NET and C# for an
Enterprise level application. I would like to implement Role based
security with authorization being performed via entries in the
web.config file (non programatically, without having to call the
..IsInRole("blabla"); method.

Evertying has been fine so far.

However, I am also using a frontController (extending IHttpHandler)
and all requests to the server pass throught my custom frontController
and get redirected to the requested page via Server.Transfer.

The problem is that the call to Server.Transfer seems to bypass the
authentication for the page the user is being transfered to. I'm
assuming this is probably by nature due to the way server.transfer
works. Response.Redirect is not an option due to performance reasons.

Does anybody have any suggestions or work arounds for this problem ?
So far it seems to me like I've hit a major roadblock.

Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
AzMan Role Based Security vs. ASP.NET Role Based Security Kursat ASP .Net Security 1 05-07-2007 01:33 PM
Forms Based Authentication and AD and Roles and Security Trimming! Eric ASP .Net Security 0 11-01-2006 03:24 PM
Application level roles + Item level roles... how to do it? Jéjé ASP .Net Security 0 09-26-2005 11:06 PM
ARCHITECTURE : Enabling and disabling functionality in ASP.NET based on roles. VSK ASP .Net 0 10-23-2003 02:57 AM
Roles Based Security and Server.Transfer Problem Nick Breau ASP .Net Security 0 10-01-2003 12:12 PM