    <p>This is the rough idea of what your module should look like. Your module will run on <strong>every</strong> request. You don't invoke it or pass anything to it, it just automatically fires whenever a request is made that ASP.Net is set to process.</p>
    <p>Your module will do two things, 1) authenticate a user in the login page, 2) authenticate a user on subsequent pages. The first step is to subscribe to the <code>BeginRequest</code> method which will be given the current <code>HttpApplication</code> as the first parameter. From there you need to determine if the user is on your login page or not. If they're not on your login page, check your session or cookie or querystring token, or whatever you're using to make sure that they're still valid. If they're invalid, bounce them back to the login page.</p>
    <p>If they're on your login page <em>and</em> have made a POST, look at the raw form fields and validate them. TextBoxes, checkboxes, etc don't exist here, only raw form fields. If they're valid, set your authentication token however you want (session, cookies, etc). If they're invalid, either redirect to the login page or inject a "try again" message or something.</p>
    <p>Also, if you double-post a message please <a href="https://stackoverflow.com/questions/4875110/a-question-about-ihttpmodule-read-ahead">reference it</a> so that we can follow the chain of what was already said.</p>
<pre><code>using System;
using System.Web;

class MyModule : IHttpModule
{
    void IHttpModule.Init(HttpApplication context)
    {
        //Subscribe to the BeginRequest event
        context.BeginRequest += new EventHandler(this.Application_BeginRequest);
    }

    //IHttpModule also requires Dispose; there is nothing to release here
    void IHttpModule.Dispose() { }

    private void Application_BeginRequest(Object source, EventArgs e)
    {
        //Initialize our variables, null checks should be put here, too
        HttpApplication app = (HttpApplication)source;
        HttpContext context = app.Context;
        //context.Session is null this early in the pipeline (it is populated at AcquireRequestState),
        //so a session-based token needs a later event such as PostAcquireRequestState.
        //Cookies and the query string are readable here.
        System.Web.SessionState.HttpSessionState s = context.Session;

        //Normally our module needs to validate every request to make sure our request is still authenticated.
        //The exception to that rule is on our logon page where they obviously don't have credentials yet.
        if (!context.Request.FilePath.ToLowerInvariant().StartsWith("/login.aspx"))
        {
            //If we're here then we're not on the logon page, validate our current session according to whatever logic we want
            //Session values are stored as object, so cast before comparing to get a string comparison instead of a reference comparison
            if (s != null &amp;&amp; (s["isvalid"] as string) == "true")
            {
                return;
            }
            else
            {
                context.Response.Redirect("/login.aspx");
            }
        }
        else
        {
            //If we're here then we're on the login page itself. If there's a post, assume that they've hit the login button
            if (context.Request.HttpMethod == "POST")
            {
                //Whatever your form variables are called
                string username = context.Request.Form["username"];
                string password = context.Request.Form["password"];

                //Your own validation logic would go here
                if (MyCustomLogin.IsUserValid(username, password))
                {
                    s["isvalid"] = "true";
                    context.Response.Redirect("/Home.aspx");
                }
                else
                {
                    s["isvalid"] = "false";
                    context.Response.Redirect("/login.aspx?error=invalid_login");
                }
            }
            else
            {
                //If we're here then the request is probably a GET or HEAD which would be from a person
                //initially browsing to our page so just do nothing and pass it through normally
            }
        }
    }
}
</code></pre>