Hi,
In my ASP.Net application, I have my business logic written in a DLL that is accessed by the Presentation tier(aspx pages). I have saved the user roles and his other security related information in the user's Session. I want that after a user is logged, On every subsequent http request from the browser, a BLOCK OF CODE should read the Session variables and add them to the current Thread, so that when the aspx page calls the business-logic DLL, the DLL can extract the security information of the user and work accordingly.
I was trying to write that BLOCK OF CODE in Application_AuthenticateRequest event handler in the Global.asax but later realized that the Session variables are NOT available in that.
I do not want to embed user security information in the Forms Authentication Ticket because this information may be too big and shall consume much network traffic.
Can someone suggest, where should I write that BLOCK OF CODE, which gets executed on every incoming request from the browser and also use Session variables.
Thanks in advance,