diff --git a/src/Umbraco.Web/UI/Pages/UmbracoEnsuredPage.cs b/src/Umbraco.Web/UI/Pages/UmbracoEnsuredPage.cs
index 6adcb6cf2b..c09fd0fa0c 100644
--- a/src/Umbraco.Web/UI/Pages/UmbracoEnsuredPage.cs
+++ b/src/Umbraco.Web/UI/Pages/UmbracoEnsuredPage.cs
@@ -8,6 +8,7 @@ using umbraco;
using umbraco.BusinessLogic;
using umbraco.businesslogic.Exceptions;
using Umbraco.Core;
+using Umbraco.Core.Security;
namespace Umbraco.Web.UI.Pages
{
@@ -37,10 +38,24 @@ namespace Umbraco.Web.UI.Pages
/// Authorizes the user
///
///
+ ///
+ /// Checks if the page exists outside of the /umbraco route, in which case the request will not have been authenticated for the back office
+ /// so we'll force authentication.
+ ///
protected override void OnPreInit(EventArgs e)
{
base.OnPreInit(e);
+ //If this is not a back office request, then the module won't have authenticated it, in this case we
+ // need to do the auth manually and since this is an UmbracoEnsuredPage, this is the anticipated behavior
+ // TODO: When we implement Identity, this process might not work anymore, will be an interesting challenge
+ if (Context.Request.Url.IsBackOfficeRequest(HttpRuntime.AppDomainAppVirtualPath) == false)
+ {
+ var http = new HttpContextWrapper(Context);
+ var ticket = http.GetUmbracoAuthTicket();
+ http.AuthenticateCurrentRequest(ticket, true);
+ }
+
try
{
Security.ValidateCurrentUser(true);
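Review bot: In the block added to OnPreInit, `http.GetUmbracoAuthTicket()` can presumably come back without a ticket for an anonymous or expired session, and the result of `http.AuthenticateCurrentRequest(ticket, true)` is discarded, so rejection on this path rests entirely on the `Security.ValidateCurrentUser(true)` call that follows. I would guard the call, `if (ticket != null) { http.AuthenticateCurrentRequest(ticket, true); }`, and add a comment such as `// a missing or invalid ticket is deliberately left for ValidateCurrentUser to refuse`. The same three lines are added to umbraco.BasePages.UmbracoEnsuredPage.OnPreInit in the second file, where the new override shows no validation call at all; please confirm that the authorization check for that legacy page still runs later in its lifecycle, outside the hunk. The try block here continues past the end of this hunk.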
diff --git a/src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs b/src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs
index af2d9bf5aa..58362d50f2 100644
--- a/src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs
+++ b/src/umbraco.businesslogic/BasePages/UmbracoEnsuredPage.cs
@@ -1,11 +1,13 @@
using System;
using Umbraco.Core.Logging;
using System.Linq;
+using System.Web;
using Umbraco.Core;
using Umbraco.Core.IO;
using Umbraco.Core.Logging;
using umbraco.BusinessLogic;
using umbraco.businesslogic.Exceptions;
+using Umbraco.Core.Security;
namespace umbraco.BasePages
{
@@ -15,6 +17,25 @@ namespace umbraco.BasePages
[Obsolete("This class has been superceded by Umbraco.Web.UI.Pages.UmbracoEnsuredPage")]
public class UmbracoEnsuredPage : BasePage
{
+ ///
+ /// Checks if the page exists outside of the /umbraco route, in which case the request will not have been authenticated for the back office
+ /// so we'll force authentication.
+ ///
+ ///
+ protected override void OnPreInit(EventArgs e)
+ {
+ base.OnPreInit(e);
+
+ //If this is not a back office request, then the module won't have authenticated it, in this case we
+ // need to do the auth manually and since this is an UmbracoEnsuredPage, this is the anticipated behavior
+ // TODO: When we implement Identity, this process might not work anymore, will be an interesting challenge
+ if (Context.Request.Url.IsBackOfficeRequest(HttpRuntime.AppDomainAppVirtualPath) == false)
+ {
+ var http = new HttpContextWrapper(Context);
+ var ticket = http.GetUmbracoAuthTicket();
+ http.AuthenticateCurrentRequest(ticket, true);
+ }
+ }
///
/// Gets/sets the app for which this page belongs to so that we can validate the current user's security against it