0

I would like to handle static file web requests through an HttpModule to show the documents in my CMS according to some policies. I can filter out a request, but I don't know how to directly process such a request as asp.net should do.

duns
  • 83
  • 1
  • 16
  • an ihttpmodule would require a lot of work. wouldn't standard pages or an mvc framework be better? – Daniel A. White Mar 22 '13 at 15:15
  • I've expressed myself badly, I need an httpHandler or an httpModule to handle static file content and allow a registered user to directly access a document. – duns Mar 22 '13 at 16:03

1 Answers1

1

Is this what you're looking for? Assuming you're running in integrated pipeline mode, all requests should make it through here, so you can kill the request if unauthorized, or let it through like normal otherwise.

public class MyModule1 : IHttpModule
{
    public void Dispose() {}

    public void Init(HttpApplication context)
    {
        context.AuthorizeRequest += context_AuthorizeRequest;
    }

    void context_AuthorizeRequest(object sender, EventArgs e)
    {
        var app = (HttpApplication)sender;

        // Whatever you want to test to see if they are allowed
        // to access this file. I believe the `User` property is
        // populated by this point.
        if (app.Context.Request.QueryString["allow"] == "1")
        {
            return;
        }

        app.Context.Response.StatusCode = 401;
        app.Context.Response.End();
    }
}

<configuration>
  <system.web>
    <httpModules>
      <add name="CustomSecurityModule" type="MyModule1"/>
    </httpModules>
  </system.web>
</configuration>
Joe Enos
  • 39,478
  • 11
  • 80
  • 136
  • Many thanks for the reply, I solved with a Server.Transfer. I don't understand why the return instruction can't deliver the right static file requested – duns Mar 25 '13 at 14:53