I am setting up Authentication that I want to put in multiple Web Sites on
my server.
I found a good article on this and am looking at moving my code from my
Global.asax file to an HTTP Module. This works fine.
But I was curious about what would happen if I left the Global.asax code in
(which is identical to the HTTPModule code) as well as added the HTTPModule.
Both call the same event and both sets of code is executed.
It seems to do the HTTPModule first and then does the Global.asax code.
I am going to take the Global.asax code out, but am curious as to what the
order is that these things are called. Why is the HTTPModule called first
and then the Global.asax?
Here is the code from the HttpModule:
***********************************************
namespace AuthModule
{
public class SetIdentity: IHttpModule
{
public SetIdentity()
{
}
public void Init(HttpApplication context)
{
context.AuthenticateRequest +=
(new EventHandler(this.Application_AuthenticateRequest) );
}
private void Application_AuthenticateRequest(Object source, EventArgs e)
{
HttpApplication application = (HttpApplication)source;
HttpContext context = application.Context;
// Get the authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = context.Request.Cookies[cookieName];
if(authCookie==null)
return;
// Get the authentication ticket
// and rebuild the principal & identity
FormsAuthenticationTicket authTicket =
FormsAuthentication.Decrypt(authCookie.Value);
string[] roles = authTicket.UserData.Split(new Char [] {'|'});
GenericIdentity userIdentity = new GenericIdentity(authTicket.Name);
GenericPrincipal userPrincipal =
new GenericPrincipal(userIdentity, roles);
context.User = userPrincipal;
}
public void Dispose()
{
}
}
}
************************************************** ***********
Thanks,
Tom
