HTTPModules vs Global.asax

T

tshad

I am setting up Authentication that I want to put in multiple Web Sites on
my server.

I found a good article on this and am looking at moving my code from my
Global.asax file to an HTTP Module. This works fine.

But I was curious about what would happen if I left the Global.asax code in
(which is identical to the HTTPModule code) as well as added the HTTPModule.
Both call the same event and both sets of code is executed.

It seems to do the HTTPModule first and then does the Global.asax code.

I am going to take the Global.asax code out, but am curious as to what the
order is that these things are called. Why is the HTTPModule called first
and then the Global.asax?

Here is the code from the HttpModule:
***********************************************
namespace AuthModule
{
public class SetIdentity: IHttpModule
{
public SetIdentity()
{
}

public void Init(HttpApplication context)
{
context.AuthenticateRequest +=
(new EventHandler(this.Application_AuthenticateRequest));
}

private void Application_AuthenticateRequest(Object source, EventArgs e)
{
HttpApplication application = (HttpApplication)source;
HttpContext context = application.Context;

// Get the authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = context.Request.Cookies[cookieName];
if(authCookie==null)
return;

// Get the authentication ticket
// and rebuild the principal & identity
FormsAuthenticationTicket authTicket =
FormsAuthentication.Decrypt(authCookie.Value);
string[] roles = authTicket.UserData.Split(new Char [] {'|'});
GenericIdentity userIdentity = new GenericIdentity(authTicket.Name);
GenericPrincipal userPrincipal =
new GenericPrincipal(userIdentity, roles);
context.User = userPrincipal;
}

public void Dispose()
{
}
}
}
*************************************************************

Thanks,

Tom
 
M

MSDN

You use the HTTPModule want to intercept the call before it gets to your
application.???!!
That is why the HTTPModule is executed first.

SA
 
K

Karl Seguin [MVP]

I use HttpModules because they are far more reusable. For example, I have
an Fuel.Web.ErrorModule.

which hooks into application.Error and does some error logging (via
log4net). I've reused the module across countless applications.

Similarly, I have a Fuel.Web.LocalizationModule which is at the core of the
localization stuff i use
(http://openmymind.net/index.aspx?documentId=4#urlrewrite). Again, all
because they are highly reusable.

Karl
--
http://www.openmymind.net/
http://www.fuelindustries.com/


MSDN said:
You use the HTTPModule want to intercept the call before it gets to your
application.???!!
That is why the HTTPModule is executed first.

SA


tshad said:
I am setting up Authentication that I want to put in multiple Web Sites on
my server.

I found a good article on this and am looking at moving my code from my
Global.asax file to an HTTP Module. This works fine.

But I was curious about what would happen if I left the Global.asax code
in
(which is identical to the HTTPModule code) as well as added the
HTTPModule.
Both call the same event and both sets of code is executed.

It seems to do the HTTPModule first and then does the Global.asax code.

I am going to take the Global.asax code out, but am curious as to what
the
order is that these things are called. Why is the HTTPModule called
first
and then the Global.asax?

Here is the code from the HttpModule:
***********************************************
namespace AuthModule
{
public class SetIdentity: IHttpModule
{
public SetIdentity()
{
}

public void Init(HttpApplication context)
{
context.AuthenticateRequest +=
(new EventHandler(this.Application_AuthenticateRequest));
}

private void Application_AuthenticateRequest(Object source, EventArgs e)
{
HttpApplication application = (HttpApplication)source;
HttpContext context = application.Context;

// Get the authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = context.Request.Cookies[cookieName];
if(authCookie==null)
return;

// Get the authentication ticket
// and rebuild the principal & identity
FormsAuthenticationTicket authTicket =
FormsAuthentication.Decrypt(authCookie.Value);
string[] roles = authTicket.UserData.Split(new Char [] {'|'});
GenericIdentity userIdentity = new GenericIdentity(authTicket.Name);
GenericPrincipal userPrincipal =
new GenericPrincipal(userIdentity, roles);
context.User = userPrincipal;
}

public void Dispose()
{
}
}
}
*************************************************************

Thanks,

Tom
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top