May 2008 - Posts
In this blog I will mention the Difference between Web Application Project(WAP) and website Prject when registering Custom HttpModules and HttpHandlers,
If you are not familiar with Http Modules and Http Handlers , please read this
And if you are not familiar with the Differences between WAP and website project , Please read this and this
Now , i will talk about some different cases when working with them ,
For WebSite project :
when you write a custom Http Module ( or Http Handler) in App_Code folder which is inside your website,Then you can register the Custom module in web.config in this format :
so for example if you write this module in App_Code
Then you can register that modue in web.config as follows:
For Wep application Projects(WAP) :
Now,when you are working with web application Project ( or VS 2003 web application ),
Then you need to PrePrend the WebApplication Name(Actually the Root NameSpace of the Project) before the Class Name as follows:
When The module Or Handler Written in a separate Class Library:
when you need to register a custom HttpModule Or Handler that is written in a separate class library or DLL, then you need to use the following format :
In this Blog post i mentioned the correct ways to register the custom HttpModules and HttpHandlers when you are working with Web application Project, Website project, Or with a Custom class library project , Note that if you failed to register the module or handler correctly ,you will get errors like "Could not load file or assembly or one of its dependencies "...
Hope that Helps
Anas Ghanem
before a couple of days ,I started to work on Vista and IIS 7, and since the default installation for Vista doesn't includes IIS7 ,
I started by trying to install IIS 7, I went to control panel, Programs and features, then to " turns windows features on or off",
After the dialog displayed , I navigate to application development features and checked asp.net and IIS management console,
then I selects to install them , after the installation finishes , I prompted to restart the computer and i did ,
after i logged in a gain , and after i added an existing website to in IIS, i requested the website from the browser,then the problems started ,
the browser displayed an empty page with no images , no scripts ... I tried to restart, reinstall with no , after many hours I find it ,
I didn't check the "Static Content service" , look at the red Box in the Image below :
Note that the "static content" service is responsible for serving the Static contents like images, scripts , style sheets file, ....
In my opinion , if the user doesn't checked this option( which will be checked by default if you checked the " internet information service " root node ) windows vista must displays an alert or something , so that the user doesn't waste the time to know the problem ...
So I posted this problem and hoping to help some one in the future ,
Best Regards,
Anas Ghanem
While I'm helping the Folks on asp.net forums, I noticed that there is a lot of develoeprs trying to access the Http Session in Page Constructor !
Most of them used this to Implement a kind of Secured Base Page that checks the session value ,and if its missing , it will redirect to login or whatever page,
some of them write this Class :
public class AdminSecuredPage : System.Web.UI.Page
{
public AdminSecuredPage()
{
if (Session["AdminUser"] == null) {
Response.Redirect("~/login.aspx");
}
}
}
Note that the above class will throws HttpException ,
which tells :
"Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. Please also make sure that System.Web.SessionStateModule or a custom session state module is included in the <configuration> ..."
well the above exception will be thrown because the session is not ready when the Page constructor was called .
The Solution :
One solution is to Move the Code from Page Constructor to Page_init , Note that the page_init for this class will be called before the the Page_init of its Sub Page Class,
so you can check the Session value as follows:
public class AdminSecuredPage : System.Web.UI.Page
{
public AdminSecuredPage()
{}
protected override void OnInit(EventArgs e)
{
// if the user is not Admin , redirect to Login Page
if (Session["AdminUser"] == null)
Response.Redirect("~/login.aspx");
// this needed to initialize its base page class
base.OnInit(e);
}
}
Edit 1:
Note that using the session for that purpose is not a good practice , because there is al ready a built in FormsAuthentication services for asp.net,
however , i will not discuss the security approches here...
Edit 2:
I want to mention that you should also avoid accessing the Session in the Page Local Variables , like this example ( look at the Bold word)
Partial Class Page1
Inherits System.Web.UI.Page
Private LocalVar as string=Session("MyVar")
that will also throw the HttpException !
Hope It Helps,
Anas Ghanem
More Posts