User-952121411 posted
Since this is an 'Architecture' forum I would advise against your provided approach. Coupling (2) MVC apps and relying on the Views being returned is not a great idea IMO. What you should consider is using something like WebAPI and a RESTful service to serve
up the same required data for 1...n applications, but yet still have each app be responsible for its own Views. In this manner you can use more standard methods of security when interacting with the RESTful service and not have to tend to the
niche security scenarios you questioned about earlier.
I realize what I suggest is not a 'quick fix,' but you should consider an alternate approach if what you truly need is more than 1 application requiring the same underlying data. What happens if app #2 decided to all the sudden use AngularJS for its front
end and not MVC? By sharing Views you are coupled to a technology implementation. If you serve up the underlying data in a RESTful manner returning JSON/XML you don't have to be concerned at all with the consuming parties technology.