11
I'm writing some code to act as a proof of concept which at this point works ok, there is a minor issue I would like to resolve.
What I have is an image database being served in an academic library setting with some pretty tight copyright restrictions. Until now we have simply restricted the images to on-campus use, so you can either VPN/Proxy to the network or use a machine physically on the network to access the image collection.
Before going further, the image collection (folder structure, sizes, etc) is managed through two products we purchased (Extensis Portfolio/Luna Insight). This should explain the obvious as to why I am using a more complicated solution that I probably need.
The goal is to make it so that the website that hosts the images is publicly available but the images require the same campus only use or offer the ability to login to view. If you are not logged in or not on campus, there is a default image that appears instead basically telling you that you need to either login or vpn to have access. The heart of the problem is that not all images have this restriction.
What I've built is an httphandler method that does this. We offer a login method called CAS and if you are not familiar in short you write code that checks to see if a user is authenticated (in your code so either a session or a cookie) and if they are not they are sent to a central website that authenticates them and sends them back to your site. If that explanation isn't enough, just look up CAS authentication and you'll get a bigger picture.
So the program itself displays a page of thumbnail images, clicking the thumbnail takes you to a detail page with a larger image and the metadata for it. On this page there are links to the actual downloadable JPG that comes in multiple sizes.
The httphandler is setup in this manner. If you are not logged in or on campus and the image is restricted, you get the little thumbnail that says you don't have access and to login. If you were to paste the URL into a browser directly to the image (http://...../image1.jpg) you are sent to the login page.
The problem that I am having is that on the detail page I would like to make it so that if you click the link to the image, it acts the same as if you pasted the URL into a window.
Now why this doesn't work now...
What I had to do in the httphandler is to check to see if the image was being called through an <img src=..> tag or if it was just a URL. The only method I could find that would do this for me was the context.Request.UrlReferrer which would tell me if the request ended in .htm or some other web file used in the program that would have an img src tag. If this returned true then it would display the thumnail image. If this was not true then it would force you to login to get the image. However, when you click a link on the image detail page and essentially land on the .jpg image, the value for UrlReferrer will still contain the .htm or whatever extension. So you land on a page that shows the same thumbnail image as before.
I think I can hack around this by making all links directly to images go to a file of a specific extention, and use a url like /getImage.img/2002.jpg since then the request could be further filtered in the handler.
But if I could avoid this sort of "hack" what I ideally would like is for some method to return a value that indicates whether the image is being called by a straight URL or if it is being called from within an <img src =...> tag.
With that said, does anyone have any ideas of either methods or variables I could read this sort of information out of in the context.request?
