Our company has a multi tenant asp.net web application. The application is 3 tier

Question

0

Asked: May 30, 20262026-05-30T20:12:11+00:00 2026-05-30T20:12:11+00:00

Our company has a multi tenant asp.net web application. The application is 3 tier

0

Our company has a multi tenant asp.net web application. The application is 3 tier e.g. website,business and dataaccess. We hold the tenant id in session after the user logs in.

When we need to get a list of ‘customers or orders’ we pass the tenant id from the website to the business to the data access and then to the database (and query for customers or orders for that tenant). (almost every business function takes tenantId as a parameter)

Sometimes when creating new functions developers forget to add the tenant id from the website to the database, causing a security issue.

Is there a way we could do this so that the developers dont need to always remember to pass the tenant id.

Any suggestions on how best to resolve this issue.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-30T20:12:12+00:00

Editorial Team

2026-05-30T20:12:12+00:00Added an answer on May 30, 2026 at 8:12 pm

It sounds like you are passing all the values around individually.

If you construct an object that you can pass around freely, you will always have the information you need. I would assume that the UserId is always associated with a tenant. Can you build a simple object, store it in the session and then pass it to all functions needing it.

class user{
int userID;
int tenantID;
}

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Our company has a multi tenant asp.net web application. The application is 3 tier

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply