Using a marker with a httpmodule to check for a session variable prior to page_load

This is a follow-on question from http://www.experts-exchange.com/Programming/Programming_Languages/Dot_Net/ASP_DOT_NET/Q_21916656.html

I have a httpmodule that checks for a session value before each page loads.  If the session value is nothing, then the user is redirected to a login page.  This module is detailed below.

The problem now is that I need this httpmodule to not affect the login.aspx page.  Every page EXCEPT for login.aspx should utilize this module.
I currently seem to get an infinite redirect taking place (according to Firefox).

Namespace myNS.Modules
      Public Class MyModule
            Implements IHttpModule

            Public Sub New()
            End Sub

            Public Sub Init(ByVal ctx As HttpApplication) Implements System.Web.IHttpModule.Init
                  AddHandler ctx.PreRequestHandlerExecute, AddressOf context_PreRequestHandlerExecute
            End Sub

            Public Sub Dispose() Implements System.Web.IHttpModule.Dispose
            End Sub

            Private Sub context_PreRequestHandlerExecute(ByVal sender As Object, ByVal e As EventArgs)
                  CaptureSessionContent()
            End Sub

            Private Sub CaptureSessionContent()
                  Dim ctx As HttpContext = HttpContext.Current
                  Dim session As HttpSessionState = ctx.Session
                  If session("integerValue") Is Nothing Then
                        ctx.Response.Redirect("login.aspx", True)
                  End If
            End Sub
      End Class
End Namespace
LVL 25
RouchieAsked:
Who is Participating?
 
rodmjayCommented:
OK, I couldnt figure out how to access the page object from the httpmodule.  I am thinking that it is not created yet??  Does anyone out there know?

Try this solution and tell me if it works if the login page is the only one that needs to be altered.

    Public Sub New()
    End Sub

    Public Sub Init(ByVal ctx As HttpApplication) Implements System.Web.IHttpModule.Init
        AddHandler ctx.PostAcquireRequestState, AddressOf context_PostAcquireRequestState
    End Sub

    Public Sub Dispose() Implements System.Web.IHttpModule.Dispose
    End Sub

    Private Sub context_PostAcquireRequestState(ByVal sender As Object, ByVal e As EventArgs)
        CaptureSessionContent()
    End Sub

    Private Sub CaptureSessionContent()
        Dim ctx As HttpContext = HttpContext.Current
        Dim session As HttpSessionState = ctx.Session
        If ctx.Request.RawUrl.Contains("login.aspx") Then
            If session("integerValue") Is Nothing Then
                ctx.Response.Redirect("login.aspx", True)
            End If
        End If
    End Sub
0
 
rodmjayCommented:
Have you tried the solution i gave you, the marker interface?
0
 
RouchieAuthor Commented:
Hi rodmjay
If you're referring to the INoSessionCheck, then no I haven't because you suggested starting a new thread in which you would post the information.  I don't know how to implement this so any examples would be really helpful.

Thanks for getting back, btw!
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
RouchieAuthor Commented:
Hi rodmjay

>> Try this solution and tell me if it works if the login page is the only one that needs to be altered.
Sadly this didn't work.  I got the error in firefox again about a never-ending redirect when I tried to access login.aspx

>> OK, I couldnt figure out how to access the page object from the httpmodule.
I googled this and found a thread containing this C# code.  Apologies if it's not correct but I hope it is what you require...
    System.Web.UI.Page myPage = HttpContext.Current.Handler;
0
 
rodmjayCommented:
Awesome, OK then try a simple check like this

If myPage isnot INoSessionCheck

and you should be good.  Im not sure why this is happening in firefox. You may want to step through with a debugger and see what is happening.
0
 
RouchieAuthor Commented:
Hi again,
Sorry to go back a step, but I think I might have solved it.  I read your code carefully and noticed that where you check to see if we are on the login.aspx page, the session check only happens if we ARE on the page, when it actually needs to be the other way around!

I changed the if statement to be IF NOT, like this:

If Not ctx.Request.RawUrl.Contains("login.aspx") Then
      If session("customerID") Is Nothing Then
            ctx.Response.Redirect("login.aspx", True)
      End If
End If

This has successfully stopped the never-ending loop, but I have a couple of other minor things to ask...:

 1. Can the code within CaptureSessionContent() be moved inside context_PostAcquireRequestState()?
     This would remove a few lines of code from the module if it is possible.

 2. Does PostAcquireRequestState occur automatically in the loading events of each individual page?
    Just making sure that this module will execute for every single page!

Thanks loads for your help btw.
0
 
rodmjayCommented:
The post acqire does occur automatically, but before the page object is actually loaded.  I guess while you could say its still an embryo...

Basically when you create modules, you have to know what happens when, for example, the session variables do not become available until AcquireRequestState event.  So if you need to get the session variables, any event that occurs after this event will have access to them.  I changed the event to the PostAcquireRequestState, because this is the first event (that i know of) that will allow you to access the session variables.

0
 
RouchieAuthor Commented:
Excellent explanation rodmjay, thank you for your help with this :-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.