?
Solved

Using a marker with a httpmodule to check for a session variable prior to page_load

Posted on 2006-07-19
8
Medium Priority
?
522 Views
Last Modified: 2009-07-29
This is a follow-on question from http://www.experts-exchange.com/Programming/Programming_Languages/Dot_Net/ASP_DOT_NET/Q_21916656.html

I have a httpmodule that checks for a session value before each page loads.  If the session value is nothing, then the user is redirected to a login page.  This module is detailed below.

The problem now is that I need this httpmodule to not affect the login.aspx page.  Every page EXCEPT for login.aspx should utilize this module.
I currently seem to get an infinite redirect taking place (according to Firefox).

Namespace myNS.Modules
      Public Class MyModule
            Implements IHttpModule

            Public Sub New()
            End Sub

            Public Sub Init(ByVal ctx As HttpApplication) Implements System.Web.IHttpModule.Init
                  AddHandler ctx.PreRequestHandlerExecute, AddressOf context_PreRequestHandlerExecute
            End Sub

            Public Sub Dispose() Implements System.Web.IHttpModule.Dispose
            End Sub

            Private Sub context_PreRequestHandlerExecute(ByVal sender As Object, ByVal e As EventArgs)
                  CaptureSessionContent()
            End Sub

            Private Sub CaptureSessionContent()
                  Dim ctx As HttpContext = HttpContext.Current
                  Dim session As HttpSessionState = ctx.Session
                  If session("integerValue") Is Nothing Then
                        ctx.Response.Redirect("login.aspx", True)
                  End If
            End Sub
      End Class
End Namespace
0
Comment
Question by:Rouchie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 8

Expert Comment

by:rodmjay
ID: 17154478
Have you tried the solution i gave you, the marker interface?
0
 
LVL 25

Author Comment

by:Rouchie
ID: 17154520
Hi rodmjay
If you're referring to the INoSessionCheck, then no I haven't because you suggested starting a new thread in which you would post the information.  I don't know how to implement this so any examples would be really helpful.

Thanks for getting back, btw!
0
 
LVL 8

Accepted Solution

by:
rodmjay earned 2000 total points
ID: 17154868
OK, I couldnt figure out how to access the page object from the httpmodule.  I am thinking that it is not created yet??  Does anyone out there know?

Try this solution and tell me if it works if the login page is the only one that needs to be altered.

    Public Sub New()
    End Sub

    Public Sub Init(ByVal ctx As HttpApplication) Implements System.Web.IHttpModule.Init
        AddHandler ctx.PostAcquireRequestState, AddressOf context_PostAcquireRequestState
    End Sub

    Public Sub Dispose() Implements System.Web.IHttpModule.Dispose
    End Sub

    Private Sub context_PostAcquireRequestState(ByVal sender As Object, ByVal e As EventArgs)
        CaptureSessionContent()
    End Sub

    Private Sub CaptureSessionContent()
        Dim ctx As HttpContext = HttpContext.Current
        Dim session As HttpSessionState = ctx.Session
        If ctx.Request.RawUrl.Contains("login.aspx") Then
            If session("integerValue") Is Nothing Then
                ctx.Response.Redirect("login.aspx", True)
            End If
        End If
    End Sub
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 25

Author Comment

by:Rouchie
ID: 17166481
Hi rodmjay

>> Try this solution and tell me if it works if the login page is the only one that needs to be altered.
Sadly this didn't work.  I got the error in firefox again about a never-ending redirect when I tried to access login.aspx

>> OK, I couldnt figure out how to access the page object from the httpmodule.
I googled this and found a thread containing this C# code.  Apologies if it's not correct but I hope it is what you require...
    System.Web.UI.Page myPage = HttpContext.Current.Handler;
0
 
LVL 8

Expert Comment

by:rodmjay
ID: 17168268
Awesome, OK then try a simple check like this

If myPage isnot INoSessionCheck

and you should be good.  Im not sure why this is happening in firefox. You may want to step through with a debugger and see what is happening.
0
 
LVL 25

Author Comment

by:Rouchie
ID: 17168521
Hi again,
Sorry to go back a step, but I think I might have solved it.  I read your code carefully and noticed that where you check to see if we are on the login.aspx page, the session check only happens if we ARE on the page, when it actually needs to be the other way around!

I changed the if statement to be IF NOT, like this:

If Not ctx.Request.RawUrl.Contains("login.aspx") Then
      If session("customerID") Is Nothing Then
            ctx.Response.Redirect("login.aspx", True)
      End If
End If

This has successfully stopped the never-ending loop, but I have a couple of other minor things to ask...:

 1. Can the code within CaptureSessionContent() be moved inside context_PostAcquireRequestState()?
     This would remove a few lines of code from the module if it is possible.

 2. Does PostAcquireRequestState occur automatically in the loading events of each individual page?
    Just making sure that this module will execute for every single page!

Thanks loads for your help btw.
0
 
LVL 8

Expert Comment

by:rodmjay
ID: 17171352
The post acqire does occur automatically, but before the page object is actually loaded.  I guess while you could say its still an embryo...

Basically when you create modules, you have to know what happens when, for example, the session variables do not become available until AcquireRequestState event.  So if you need to get the session variables, any event that occurs after this event will have access to them.  I changed the event to the PostAcquireRequestState, because this is the first event (that i know of) that will allow you to access the session variables.

0
 
LVL 25

Author Comment

by:Rouchie
ID: 17173741
Excellent explanation rodmjay, thank you for your help with this :-)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question