Asp.net : HttpApplication context authentication for aspx page gets called infinite times and page never loads

Question

I have an asp.net web application that performs some license checks before calling up the login page... if the product is not licensed then it navigates to a abc.aspx page with some error details. This license check is an HttpModule which is configured via web.config.

I have an event handler for context authentication. Whenever the abc.aspx page is called, this event is fired multiple times and the page load never happens.

on Init, i use this code to add the event handler

context.AuthenticateRequest += new EventHandler

When i use a html page, this issue does not seem to occur. The issue exists even if i use some other aspx page for example xyz.aspx...

How can stop this authentication to takes place n number of times. I have tried with HttpContext.Current.Response.End(), it stops the infinite calls, but does not load the page, the page appears blank.

Any one has any idea about this issue?

snippet of Global.asax.

<%@ Application Language="C#" Inherits="Microsoft.Practices.CompositeWeb.WebClientApplication" %>

<script runat="server">

    private static bool _initializedAlready = false;
    private static readonly Object s_lock = new Object();

    //fires once on asp.net worker process start
    protected override void Application_Start(object sender, EventArgs e)
    {


    }

    protected void Application_BeginRequest(object sender, EventArgs e)
    {
        if (_initializedAlready)
        {
            return;
        }

        lock (s_lock)
        {

            if (_initializedAlready)
            {
                return;
            }

            //custom initialization code
            base.Application_Start(sender, e);

            _initializedAlready = true;
        }
    }



    public override void Init()
    {
        base.Init();

       //initialize the license module here....

         licenseModule.Init(this);

    }


</script>

The init() method of license module

 public void Init(HttpApplication context)
    {
        context.AuthenticateRequest += new EventHandler(context_AuthenticateRequest);

    }

Please post required code that you have in global.ascx and handler file. Also format it with the help of Editor. — Murali Murugesan, Nov 09 '12 at 06:41
Edited the question by adding the global.asax and the handler code... — Kartikkumar Rao, Nov 09 '12 at 07:02
Can you clarify a few things like when does the license check needs to be done? (on each page load / only when loading the log in page?) — CyberDude, Nov 09 '12 at 07:08
Only when loading the login page. The application is hosted on IIS , when user hits the url, license check should take place before everything else... — Kartikkumar Rao, Nov 09 '12 at 07:10
Then why are you doing it in Global? Only do that logic in the log in page. — CyberDude, Nov 09 '12 at 07:12
The only thing that i am doing in the Global.asax page is initializing the license module since its a HttpModule. I am not sure if i can do the initialization in log in page for a httpmodule — Kartikkumar Rao, Nov 09 '12 at 07:18

rikitikitik · Answer 1 · 2012-11-09T09:53:37.030

0

I think the problem is due to the fact that you are authenticating abc.aspx as well.

When you go to a page and the license check fails, it redirects to abc.aspx. Unfortunately, you did not exempt abc.aspx from this check, and it checks itself, and then redirects to itself again and again and again.

What you can do is to only attach the authenticate request event in your Init() method when the page is not "abc.aspx". Something like:

if(!context.Context.Request.RawUrl.Contains("abc.aspx"))
     context.AuthenticateRequest += new EventHandler(context_AuthenticateRequest);

However, if you only want to do this check on the login page, you would be better off putting the authentication check just on the login page code behind.

edited Nov 09 '12 at 09:53

answered Nov 09 '12 at 07:14

rikitikitik

2,414
2
26
37

I tried to use 'code' if(!context.Request.RawUrl.Contains("abc.aspx")) but it looks like the Request is not available at that point.I get "Request is not available in this context" – Kartikkumar Rao Nov 09 '12 at 08:38
It contains the HttpApplication context..which is being called from Global.asax – Kartikkumar Rao Nov 09 '12 at 09:10
I've modified the code. Try `!context.Context.Request...` instead and see if that works. – rikitikitik Nov 09 '12 at 09:54
Instead of `!context.Request.RawUrl.Contains("abc.aspx")`, try `!context.Context.Request.RawUrl.Contains("abc.aspx")` instead. – rikitikitik Nov 12 '12 at 00:24
Can you debug and put a breakpoint at the line where you add the event handler and check the properties of the context object that was passed as parameter? – rikitikitik Nov 13 '12 at 05:16
I finally got it working without any modifications...I am still wondering why... However, This abc.aspx page has a master page (default). I need to add some details to the abc.aspx page like product name,etc...this information is stored in Session.When i am trying to access it, i get "Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. Please also make sure that System.Web.SessionStateModule or a custom session state module is included in the configuration" exception. I have added enableviewstate to true in abc.aspx – Kartikkumar Rao Nov 16 '12 at 10:03
and in web.config as well... .. When i am accessing Sesssion["pname"]..i get the above mentioned error...any one has any idea?? – Kartikkumar Rao Nov 16 '12 at 10:06

Asp.net : HttpApplication context authentication for aspx page gets called infinite times and page never loads

1 Answers1