| SitePoint Sponsor |
|
|
User Tag List
Results 1 to 5 of 5
-
Feb 19, 2008, 22:44 #1SitePoint Evangelist
- Join Date
- Aug 2004
- Posts
- 428
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
IHttpModule Context.User.Identity.IsAuthenticated
I would like to implement an intercept filter so that anyone not yet authenticated go into a guest list.
the problem is
application.Context.User
is null.
anyone with any solutions? httpmodule makes the most sense to put this logic at.
PHP Code:using System;
using System.Collections;
using System.Collections.Generic;
using System.Data;
using System.Data.Common;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
namespace RobustHaven.Domains.Web.Components.Users
{
class TrackGuestHttpModule : IHttpModule
{
public virtual void Init(HttpApplication application)
{
if (!application.Context.User.Identity.IsAuthenticated)
{
// is guest
Npgsql.NpgsqlConnection conn = new Npgsql.NpgsqlConnection(ConfigurationManager.ConnectionStrings["dbhReader"].ConnectionString);
Npgsql.NpgsqlCommand insertguest = new Npgsql.NpgsqlCommand(
@"
SELECT users.addactiveguest(:in_ipaddress)
", conn);
insertguest.Parameters.Add(new Npgsql.NpgsqlParameter("in_ipaddress", DbType.String));
insertguest.Parameters[0].Value = RobustHaven.Domains.Web.Utilities.getIpAddress();
try
{
conn.Open();
insertguest.ExecuteScalar();
}
catch (Npgsql.NpgsqlException exception)
{
throw exception;
}
finally
{
conn.Close();
}
}
}
public void Dispose()
{
}
}
}
-
Feb 19, 2008, 23:48 #2SitePoint Evangelist
- Join Date
- Aug 2004
- Posts
- 428
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
never mind here is my solution
and on login i add MembershipUser to HttpContext.Current.Session["MembershipUser"]PHP Code:using System;
using System.Collections;
using System.Collections.Generic;
using System.Data;
using System.Data.Common;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
namespace RobustHaven.Domains.Web.Components.Users
{
class TrackGuestHttpModule : IHttpModule, System.Web.SessionState.IRequiresSessionState
{
public void Init(HttpApplication application)
{
application.AcquireRequestState += new EventHandler(application_AcquireRequestState);
}
void application_AcquireRequestState(object sender, EventArgs e)
{
if ( HttpContext.Current.Session["MembershipUser"] == null)
{
// is guest
Npgsql.NpgsqlConnection conn = new Npgsql.NpgsqlConnection(ConfigurationManager.ConnectionStrings["dbhReader"].ConnectionString);
Npgsql.NpgsqlCommand insertguest = new Npgsql.NpgsqlCommand(
@"
SELECT users.addactiveguest(:in_ipaddress)
", conn);
insertguest.Parameters.Add(new Npgsql.NpgsqlParameter("in_ipaddress", DbType.String));
insertguest.Parameters[0].Value = RobustHaven.Domains.Web.Utilities.getIpAddress();
try
{
conn.Open();
insertguest.ExecuteScalar();
}
catch (Npgsql.NpgsqlException exception)
{
throw exception;
}
finally
{
conn.Close();
}
}
}
public bool IsReusable
{
get { return true; }
}
public void Dispose()
{
}
}
}
-
Feb 20, 2008, 05:51 #3SitePoint Author
- Join Date
- May 2003
- Location
- Washington, DC
- Posts
- 10,653
- Mentioned
- 4 Post(s)
- Tagged
- 0 Thread(s)
I would double check the sources on the SqlMembershipProvider, but I doubt that they are storing anything in the Session. Its too unreliable for stuff as important as Membership.
Also---I would highly advise not catching exceptions like you are catching them. That will just truncate the stack trace and leave you wondering what went wrong. I would just skip the catch clause there, unless you are going to do something with it. If you do want to throw an exception you have caught, use throw by itself:
Code:catch (DbException dex) { Logger.Log(dex.Message); throw; }
-
Feb 20, 2008, 10:25 #4SitePoint Evangelist
- Join Date
- Aug 2004
- Posts
- 428
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
>but I doubt that they are storing anything in the Session.
correct i add the user to the session myself on login.
>Also---I would highly advise not catching exceptions like you are catching them.
I agree i'll keep "throw;" in mind for the future but for now i removed the catch block
Also -- I would highly advice not rewriting code like you do for exception handling. : ]
catch (DbException dex)
{
Logger.Log(dex.Message);
throw;
}
can be setup globally wrapped up in an httpmodule
it gives enough information to put in a db or where ever Logger.Log(dex.Message);PHP Code:public virtual void Init(HttpApplication application)
{
application.Error += new EventHandler(this.OnError);
}
all kidding aside if you have any other methods for global exception handling do tell...
-
Feb 20, 2008, 12:53 #5SitePoint Author
- Join Date
- May 2003
- Location
- Washington, DC
- Posts
- 10,653
- Mentioned
- 4 Post(s)
- Tagged
- 0 Thread(s)
First, that was pretty much off the cuff example code--more likely one would see something like this:
The real point being that catching should do something rather than just rethrow an error.Code:catch { transaction.RollBack(); throw; }
As for your example, that is great--when your code knows it is in a website with a IHttpApplication floating around. But when you are writing core components that get used across services, one should definitely avoid needing to know that said application exists, but one might want to attach logging functions deeper down the stack.
On global exception handling, my general philosophy is don't handle--log it and push users to a friendly error page. And now, with the new WebEvent stuff in ASP.NET 2.0, you can handle the logging bits from configuration rather than from the code.
Bookmarks