I am using code access security for my methods which are in a class library and hosted in ASP.Net process. The attribute class checks for some values in Session and sets the principalpermission appropriately. The method works fine allowing only valid threads to pass thru and exceute the method. But the problem is this happes only once and for every subsequent aspx calls does not hit the attribute class. (I guess CLR optimizes it). My problem is if the session has a different value then the attibute should behave appropriately. Now, it takes new value from Session only when I recycle my asp process and happens only once for the request. IS there a way to circumvent this? Any suggestions?
View Complete Post