Introduction to HTTP Modules
Silan Liu,
ASP.NET provides a series of events such as BeginRequest, AuthenticateRequest, AuthorizeRequest,
etc. during request processing that your application can hook into with your
own event handlers, in which you can extract information from the request for
all sorts of purposes such as authentication, or change the content of the
request. The event handler class must be defined in the same namespace of the
web service and implement IhttpModule
interface, and must have an entry in the web.config
file so that ASP.NET knows to load it up at the correct event.
The entry in the web.config file has the following format:
<add name="HttpModuleClassName" type="NameSpacedHttpModuleType, AssemblyName" />
Neither the client nor the web service asmx file need any modification.
For more details about using HTTP modules, see
MSDN article Implementing
Intercepting Filter in ASP.NET Using HTTP Module.
The HTTP module in following example consumes
the AuthenticateRequest event:
The HTTP module:
using System;
using System.Web;
using System.Security.Principal;
using System.Diagnostics;
using System.IO;
namespace NsWSHttpModuleTest
{
public class AuthenticateRequestHttpModule : IHttpModule
{
private HttpApplication mHttpApp;
public void Init(HttpApplication httpApp)
{
this.mHttpApp = httpApp;
mHttpApp.AuthenticateRequest += new EventHandler(OnAuthentication);
}
void OnAuthentication(object sender, EventArgs a)
{
HttpApplication application = (HttpApplication)sender;
HttpRequest request = application.Context.Request;
WindowsIdentity identity = (WindowsIdentity)application.Context.User.Identity;
StreamWriter sw = new StreamWriter(request.MapPath("Test.txt"), true);
sw.WriteLine("User=" + identity.Name);
sw.Flush();
sw.Close();
}
public void Dispose()
{}
}
}
The web.config file:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<httpModules>
<add name="AuthenticateRequestHttpModule" type="NsWSHttpModuleTest.AuthenticateRequestHttpModule, WSHttpModuleTest" />
</httpModules>
</system.web>
</configuration>
Client:
[STAThread]
static void
{
Client.WSHttpModuleTest.Service1 s = new Client.WSHttpModuleTest.Service1();
s.Credentials = new System.Net.NetworkCredential("osi_de/fliu", "keepaway", "");
Console.WriteLine(s.HelloWorld());
Console.ReadLine();
}
After you have configured the IIS not to use
anonymous access, the “test.txt” file will have the following line:
User=OSI_DE\fliu
Because HTTP modules are not loaded by your code, if they expose any event, you can not connect them to the event consumers. They have to be connected by the framework. File global.asax is used for this purpose. In this file there are already some standard handler methods which responses to standard ASP.NET events. You can add your own handler methods. The way to connect the event exposed by the HTTP modules and the handler methods in global.asax is by the naming convention: for example, suppose the HTTP module’s class name is MyHttpModule and the event exposed is MyEventExposed, the handler method should be named MyHttpModule_OnMyEventExposed. Of course the method should conform to the event signature.
Again, the client and the web service do not need any modification.
Now let’s modify the sample code in last section:
using System;
using System.Web;
using System.Security.Principal;
using System.Diagnostics;
using System.IO;
namespace NsWSHttpModuleTest
{
public class MyEventArgs : EventArgs
{
private string mstrName;
public MyEventArgs(string strName)
{
mstrName = strName;
}
public string Name
{
get { return mstrName; }
set { mstrName = value; }
}
}
public delegate void MyEvent(object sender, MyEventArgs e);
/// <summary>
/// Summary description for
AuthenticateRequestHttpModule.
/// </summary>
public class AuthenticateRequestHttpModule : IHttpModule
{
private HttpApplication mHttpApp;
public event MyEvent MyEventExposed;
public void Init(HttpApplication httpApp)
{
this.mHttpApp = httpApp;
mHttpApp.AuthenticateRequest += new EventHandler(OnAuthentication);
}
void OnAuthentication(object sender, EventArgs a)
{
HttpRequest request = ((HttpApplication)sender).Context.Request;
MyEventArgs args = new MyEventArgs("Orginal Event");
MyEventExposed(this, args);
StreamWriter sw = new StreamWriter(request.MapPath("Test.txt"), true);
sw.WriteLine("EventName = \"" + args.Name + "\"");
sw.Flush();
sw.Close();
}
public void Dispose()
{}
}
}
The corresponding handler method in global.asax:
public void AuthenticateRequestHttpModule_OnMyEventExposed(object source, MyEventArgs e)
{
e.Name = "Event handled";
}