HttpModule events

H

Holly Li

Hi,
I am following the example in .net's help doc--"Securing
XML Web Services Created Using ASP.NET"
I have copied all the code from the example but couldn't
make it to work. The problem is that inside the method:
private void OnAuthenticate(WebServiceAuthenticationEvent
e)
{
if (_eventHandler == null)
return;

_eventHandler(this, e);
if (e.User != null)
e.Context.User = e.Principal;
}
}
_eventHandler is always null. So the method returns from
there. I am not sure what I did is wrong. Could someone
help? Thank you.
Followings are code:

1)HttpModele
using System;
using System.Web;
using System.IO;
using System.Xml;
using System.Xml.XPath;
using System.Text;
using System.Web.Services.Protocols;

namespace Security
{
public delegate void
WebServiceAuthenticationEventHandler(Object sender,
WebServiceAuthenticationEvent e);

public class WebServiceAuthenticationModule :
IHttpModule
{
private
WebServiceAuthenticationEventHandler
_eventHandler = null;

public event
WebServiceAuthenticationEventHandler Authenticate
{
add { _eventHandler += value;}
remove {_eventHandler -= value;}
}

public void Dispose()
{
}

public void Init(HttpApplication app)
{
app.AuthenticateRequest += new
EventHandler
(this.OnEnter);


}

private void OnAuthenticate
(WebServiceAuthenticationEvent e)
{
if (_eventHandler == null)
return;

_eventHandler(this, e);
if (e.User != null)
e.Context.User =
e.Principal;


}

public string ModuleName
{
get{
return "WebServiceAuthentication"; }
}

void OnEnter(Object source, EventArgs
eventArgs)
{
HttpApplication app =
(HttpApplication)source;
HttpContext context = app.Context;
Stream HttpStream =
context.Request.InputStream;

// Save the current position of
stream.
long posStream =
HttpStream.Position;

// If the request contains an
HTTP_SOAPACTION
// header, look at this message.
if
(context.Request.ServerVariables["HTTP_SOAPACTION"]
== null)
return;

// Load the body of the HTTP
message
// into an XML document.
XmlDocument dom = new XmlDocument
();
string soapUser;
string soapPassword;

try
{
dom.Load(HttpStream);

// Reset the stream
position.
HttpStream.Position =
posStream;

// Bind to the
Authentication header.
soapUser =

dom.GetElementsByTagName("User").Item
(0).InnerText;
soapPassword =

dom.GetElementsByTagName("Password").Item
(0).InnerText;
}
catch (Exception e)
{
// Reset the position of
stream.
HttpStream.Position =
posStream;

// Throw a SOAP exception.
XmlQualifiedName name =
new
XmlQualifiedName
("Load");
SoapException
soapException = new SoapException(
"Unable to read
SOAP request", name, e);
throw soapException;
}

// Raise the custom global.asax
event.
OnAuthenticate(new
WebServiceAuthenticationEvent
(context, soapUser,
soapPassword));
return;
}
}
}
2)the code that is added to global.aspx:
protected void WebServiceAuthentication_OnAuthenticate
(Object sender, WebServiceAuthenticationEvent e)
{

if(e.User=="hello" &&
e.Password=="hellopw")
{
string[] roles={"admin"};
e.Authenticate(roles);
}
}

3)The code added to web.config
<configSections>
<section name="WebServiceAuthentication"
type="Security.WebServiceAuthenticationModule,
WebServiceSample" allowLocation="false" />

</configSections>


Holly
 
B

bruce barker

you don't have any code that inits _eventHandler

-- bruce (sqlwork.com)


Holly Li said:
Hi,
I am following the example in .net's help doc--"Securing
XML Web Services Created Using ASP.NET"
I have copied all the code from the example but couldn't
make it to work. The problem is that inside the method:
private void OnAuthenticate(WebServiceAuthenticationEvent
e)
{
if (_eventHandler == null)
return;

_eventHandler(this, e);
if (e.User != null)
e.Context.User = e.Principal;
}
}
_eventHandler is always null. So the method returns from
there. I am not sure what I did is wrong. Could someone
help? Thank you.
Followings are code:

1)HttpModele
using System;
using System.Web;
using System.IO;
using System.Xml;
using System.Xml.XPath;
using System.Text;
using System.Web.Services.Protocols;

namespace Security
{
public delegate void
WebServiceAuthenticationEventHandler(Object sender,
WebServiceAuthenticationEvent e);

public class WebServiceAuthenticationModule :
IHttpModule
{
private
WebServiceAuthenticationEventHandler
_eventHandler = null;

public event
WebServiceAuthenticationEventHandler Authenticate
{
add { _eventHandler += value;}
remove {_eventHandler -= value;}
}

public void Dispose()
{
}

public void Init(HttpApplication app)
{
app.AuthenticateRequest += new
EventHandler
(this.OnEnter);


}

private void OnAuthenticate
(WebServiceAuthenticationEvent e)
{
if (_eventHandler == null)
return;

_eventHandler(this, e);
if (e.User != null)
e.Context.User =
e.Principal;


}

public string ModuleName
{
get{
return "WebServiceAuthentication"; }
}

void OnEnter(Object source, EventArgs
eventArgs)
{
HttpApplication app =
(HttpApplication)source;
HttpContext context = app.Context;
Stream HttpStream =
context.Request.InputStream;

// Save the current position of
stream.
long posStream =
HttpStream.Position;

// If the request contains an
HTTP_SOAPACTION
// header, look at this message.
if
(context.Request.ServerVariables["HTTP_SOAPACTION"]
== null)
return;

// Load the body of the HTTP
message
// into an XML document.
XmlDocument dom = new XmlDocument
();
string soapUser;
string soapPassword;

try
{
dom.Load(HttpStream);

// Reset the stream
position.
HttpStream.Position =
posStream;

// Bind to the
Authentication header.
soapUser =

dom.GetElementsByTagName("User").Item
(0).InnerText;
soapPassword =

dom.GetElementsByTagName("Password").Item
(0).InnerText;
}
catch (Exception e)
{
// Reset the position of
stream.
HttpStream.Position =
posStream;

// Throw a SOAP exception.
XmlQualifiedName name =
new
XmlQualifiedName
("Load");
SoapException
soapException = new SoapException(
"Unable to read
SOAP request", name, e);
throw soapException;
}

// Raise the custom global.asax
event.
OnAuthenticate(new
WebServiceAuthenticationEvent
(context, soapUser,
soapPassword));
return;
}
}
}
2)the code that is added to global.aspx:
protected void WebServiceAuthentication_OnAuthenticate
(Object sender, WebServiceAuthenticationEvent e)
{

if(e.User=="hello" &&
e.Password=="hellopw")
{
string[] roles={"admin"};
e.Authenticate(roles);
}
}

3)The code added to web.config
<configSections>
<section name="WebServiceAuthentication"
type="Security.WebServiceAuthenticationModule,
WebServiceSample" allowLocation="false" />

</configSections>


Holly
 
H

Holly

Thank you.
If the handler is a method in this HttpModule I could do:
this.Authenticate +=new
WebServiceAuthenticationEventHandler(MyMethod);

Now the method is in global.aspx
How do I init the _eventHandler?
Thank you.
Holly
-----Original Message-----
you don't have any code that inits _eventHandler

-- bruce (sqlwork.com)


Holly Li said:
Hi,
I am following the example in .net's help doc-- "Securing
XML Web Services Created Using ASP.NET"
I have copied all the code from the example but couldn't
make it to work. The problem is that inside the method:
private void OnAuthenticate (WebServiceAuthenticationEvent
e)
{
if (_eventHandler == null)
return;

_eventHandler(this, e);
if (e.User != null)
e.Context.User = e.Principal;
}
}
_eventHandler is always null. So the method returns from
there. I am not sure what I did is wrong. Could someone
help? Thank you.
Followings are code:

1)HttpModele
using System;
using System.Web;
using System.IO;
using System.Xml;
using System.Xml.XPath;
using System.Text;
using System.Web.Services.Protocols;

namespace Security
{
public delegate void
WebServiceAuthenticationEventHandler(Object sender,
WebServiceAuthenticationEvent e);

public class WebServiceAuthenticationModule :
IHttpModule
{
private
WebServiceAuthenticationEventHandler
_eventHandler = null;

public event
WebServiceAuthenticationEventHandler Authenticate
{
add { _eventHandler += value;}
remove {_eventHandler -= value;}
}

public void Dispose()
{
}

public void Init(HttpApplication app)
{
app.AuthenticateRequest += new
EventHandler
(this.OnEnter);


}

private void OnAuthenticate
(WebServiceAuthenticationEvent e)
{
if (_eventHandler == null)
return;

_eventHandler(this, e);
if (e.User != null)
e.Context.User =
e.Principal;


}

public string ModuleName
{
get{
return "WebServiceAuthentication"; }
}

void OnEnter(Object source, EventArgs
eventArgs)
{
HttpApplication app =
(HttpApplication)source;
HttpContext context = app.Context;
Stream HttpStream =
context.Request.InputStream;

// Save the current position of
stream.
long posStream =
HttpStream.Position;

// If the request contains an
HTTP_SOAPACTION
// header, look at this message.
if
(context.Request.ServerVariables["HTTP_SOAPACTION"]
== null)
return;

// Load the body of the HTTP
message
// into an XML document.
XmlDocument dom = new XmlDocument
();
string soapUser;
string soapPassword;

try
{
dom.Load(HttpStream);

// Reset the stream
position.
HttpStream.Position =
posStream;

// Bind to the
Authentication header.
soapUser =

dom.GetElementsByTagName("User").Item
(0).InnerText;
soapPassword =

dom.GetElementsByTagName("Password").Item
(0).InnerText;
}
catch (Exception e)
{
// Reset the position of
stream.
HttpStream.Position =
posStream;

// Throw a SOAP exception.
XmlQualifiedName name =
new
XmlQualifiedName
("Load");
SoapException
soapException = new SoapException(
"Unable to read
SOAP request", name, e);
throw soapException;
}

// Raise the custom global.asax
event.
OnAuthenticate(new
WebServiceAuthenticationEvent
(context, soapUser,
soapPassword));
return;
}
}
}
2)the code that is added to global.aspx:
protected void WebServiceAuthentication_OnAuthenticate
(Object sender, WebServiceAuthenticationEvent e)
{

if(e.User=="hello" &&
e.Password=="hellopw")
{
string[] roles={"admin"};
e.Authenticate(roles);
}
}

3)The code added to web.config
<configSections>
<section name="WebServiceAuthentication"
type="Security.WebServiceAuthenticationModule,
WebServiceSample" allowLocation="false" />

</configSections>


Holly


.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top