0

I have a web application developed in MVC 2.0. I have created a dynamic data website for this web application. For accessing the dynamic data website, the user is redirected to the login page of the MVC application.

On login, the session is created for the user. I want to access this session on my dynamic data website for checking the user's role and username. If the user has the admin role, then only user is allow to access the dynamic data website.

How can I achieve this?

tereško
  • 58,060
  • 25
  • 98
  • 150
Suri
  • 518
  • 2
  • 6
  • 20

1 Answers1

0

Try this solution:

On your First Web App (The one that user is used for login)

 //create a method that will redirect to your web app 2
    public ActionResult RedirectToAnotherSite(string name, string role)
    {
        //specify the IP or url for your web app 2
        //pass the parameters
        var rawUrl = string.Format("http://localhost:8051?name={0}&role={1}", name, role);
        return Redirect(rawUrl);
    }

On your web app 2 (dynamic) open the file Global.asax and add the following code

 void Application_BeginRequest(object sender, EventArgs e)
        {
            //get the passed parameters
            var req = ((HttpApplication)(sender)).Request;
            var name = req.QueryString["name"] ?? string.Empty;
            var role = req.QueryString["role"] ?? string.Empty;

            //check the role
            if (!role.Equals("admin"))
            {
                //return http access denied
                var res = ((HttpApplication)(sender)).Response;
                res.StatusCode = 401;
            }
        }
Jobert Enamno
  • 4,403
  • 8
  • 41
  • 63
  • Thanks dear this really helpful.But can you tell me how to use the encryption and decryption for the query string for security reason – Suri Jan 18 '13 at 20:48