This is a question with respect to configuration of URL Routing.
I am using URL Routing on my page (without MVC) and for some reason the membership API is not funcitoning properly. I assume I need to do an ignore route somewhere to enable the API to function.
Here is what is happening....for pages not being routed
www.domain.com/default.aspx the api works as expected and a loginview shows the logged in status. If I go to a page that is Routed
www.domain.com/Page the loginview shows as not logged in. If I go to the exact same page
www.domain.com/routingpages/page.aspx the loginview than shows as logged in.
Somehow the URL routing is affecting the membership API's ability to determine authentication.
<%@ Application Language="VB" Inherits="System.Web.HttpApplication" %>
<%@ Import Namespace="System.Web.Routing" %>
<%@ Import Namespace="System.Web.MVC" %>
<script RunAt="server">
Private Sub RegisterRoutes(ByVal routes As System.Web.Routing.RouteCollection)
routes.IgnoreRoute("{resource}.axd/{*pathInfo}")
routes.IgnoreRoute("BackOffice/{*pathInfo}")
routes.IgnoreRoute("Default.aspx")
routes.IgnoreRoute("Content")
routes.Add("Schedule", New Route("schedule", New WebFormRouteHandler("~/RoutingPages/schedule.aspx")))
routes.Add("Charts", New Route("charts", New WebFormRouteHandler("~/RoutingPages/charts.aspx")))
routes.Add("Standings", New Route("standings", New WebFormRouteHandler("~/RoutingPages/standings.aspx")))
routes.Add("DEFAULT", New Route("{Name}", New WebFormRouteHandler("~/RoutingPages/page.aspx")))
' Add some named handlers
End Sub
Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
' Code that runs on application startup
RegisterRoutes(RouteTable.Routes)
End Sub
Using Routing definitely shouldn't affect how membership works. In general Routing doesn't affect how any other ASP.NET features work (though there are certainly a few exceptions).
Which WebFormRouteHandler are you using? I think there are a few prototype versions floating around the web right now and I'd like to make sure I investigate using the same version as the one you're using. I'll also verify whether this works in ASP.NET 4,
where WebForm routing is a built-in feature.
I appreciate the response. I am using one that I got from Chris Cavanagh's blog site:
http://chriscavanagh.wordpress.com/2009/01/20/aspnet-routing-in-vbnet/ I got it several months back now and have used it successfully on public portions of non-secure sites. Now working on a dynamic site that required authentication on parts of the public
interface.
There are three files:
RoutablePage.vb:
Imports Microsoft.VisualBasic
Imports System.Web.Routing
Public Interface IRoutablePage
' Properties
Property RequestContext() As RequestContext
End Interface
Public Class RoutablePage
Inherits System.Web.UI.Page
Implements IRoutablePage
' Fields
Protected _requestContext As RequestContext
' Methods
Public Function ActionLink(ByVal url As String) As String
Return Me.ActionLink(url, url)
End Function
Protected Function ActionLink(ByVal url As String, ByVal [text] As String) As String
Return String.Format("<a href=""{0}"">{1}</a>", url, [text])
End Function
Public Function GetVirtualPath(ByVal values As Object) As String
Return Me.GetVirtualPath(Nothing, values)
End Function
Public Function GetVirtualPath(ByVal routeName As String, ByVal values As Object) As String
If (Me.RequestContext Is Nothing) Then
Return Nothing
End If
Return RouteTable.Routes.GetVirtualPath(Me.RequestContext, routeName, New RouteValueDictionary(values)).VirtualPath
End Function
Protected Function RouteValue(ByVal key As String) As Object
Return Me.RequestContext.RouteData.Values.Item(key)
End Function
' Properties
Public ReadOnly Property BaseUrl() As String
Get
Return (MyBase.Request.Url.GetLeftPart(1) & VirtualPathUtility.ToAbsolute("~/"))
End Get
End Property
Public Property RequestContext() As RequestContext Implements IRoutablePage.RequestContext
Set(ByVal value As RequestContext)
_requestContext = value
End Set
Get
Return _requestContext
End Get
End Property
Private Sub Page_PreInit(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.PreInit
'Set Customized Connection String
'SessionExpressionBuilders.SessionConnectionStringsExpressionBuilder.AddSettings("dbConn", GlobalSettings.Vars.GetValue.dbConn)
'Me.Page.Theme = LeagueSettings.Vars.GetValue.Theme
End Sub
End Class
and
RoutingHandler.vb
Imports Microsoft.VisualBasic
Imports System.Web.Routing
Public Class RoutingHandler
Inherits UrlRoutingHandler
' Methods
Protected Overrides Sub VerifyAndProcessRequest(ByVal httpHandler As IHttpHandler, ByVal httpContext As HttpContextBase)
End Sub
End Class
and lastly WebFormRouteHandler.vb
Imports Microsoft.VisualBasic
Imports System.Web.Routing
Imports System.Security
Imports System.Web.Compilation
Public Class WebFormRouteHandler
Implements IRouteHandler
Public VirtualPath As String
Public CheckPhysicalUrlAccess As Boolean
' Methods
Public Sub New(ByVal virtualPath As String)
Me.New(virtualPath, True)
End Sub
Public Sub New(ByVal virtualPath As String, ByVal checkPhysicalUrlAccess As Boolean)
Me.VirtualPath = virtualPath
Me.CheckPhysicalUrlAccess = checkPhysicalUrlAccess
End Sub
Public Function GetHttpHandler(ByVal requestContext As RequestContext) As IHttpHandler Implements IRouteHandler.GetHttpHandler
'If (Me.CheckPhysicalUrlAccess AndAlso Not UrlAuthorizationModule.CheckUrlAccessForPrincipal(Me.VirtualPath, requestContext.HttpContext.User, requestContext.HttpContext.Request.HttpMethod)) Then
'Throw New SecurityException
'End If
Dim page As IHttpHandler = TryCast(BuildManager.CreateInstanceFromVirtualPath(Me.VirtualPath, GetType(Page)), IHttpHandler)
If (Not page Is Nothing) Then
Dim routablePage As IRoutablePage = TryCast(page, IRoutablePage)
If (Not routablePage Is Nothing) Then
routablePage.RequestContext = requestContext
End If
End If
Return page
End Function
End Class
Further information....in the WebFormRouteHandler file I have commented out the lines:
If (Me.CheckPhysicalUrlAccess AndAlso Not UrlAuthorizationModule.CheckUrlAccessForPrincipal(Me.VirtualPath, UserName, requestContext.HttpContext.Request.HttpMethod)) Then
Throw New SecurityException
End If
because if the user is NOT logged in, it throws "Value cannot be null" exception on the Principal.iPrincipal User parameter? So this does not work for anonymous users with this not commented out.
So i put this in a "Try" block to see if it would work and low and behold, it still thinks it is null, even if I am logged in.
It seems that you are mixing MVC and Webform. If it is, I don't think it's a good idea. There is a project named 'MovieApp' which indlueds how to login and register in ASP.NET website. In addtion, the project also use membership for account management.
You can get it from the following link.
I had the same problem when publishing my site to IIS7.
It is important to include the runAllManagedModulesForAllRequests attribute in the web.config. Microsoft has a good article called "Routing with ASP.NET Web Forms" (http://msdn.microsoft.com/en-us/magazine/dd347546.aspx).
rcmacdon
Member
5 Points
4 Posts
URL Routing with Membership API
Oct 02, 2009 04:32 PM|LINK
Hello,
This is a question with respect to configuration of URL Routing.
I am using URL Routing on my page (without MVC) and for some reason the membership API is not funcitoning properly. I assume I need to do an ignore route somewhere to enable the API to function.
Here is what is happening....for pages not being routed www.domain.com/default.aspx the api works as expected and a loginview shows the logged in status. If I go to a page that is Routed www.domain.com/Page the loginview shows as not logged in. If I go to the exact same page www.domain.com/routingpages/page.aspx the loginview than shows as logged in.
Somehow the URL routing is affecting the membership API's ability to determine authentication.
Just for those who need cde:
Web.config:
<system.web> <authentication mode="Forms"> <forms loginUrl="~/login.aspx" timeout="20160"/> </authentication> <authorization> <allow users="*"/> </authorization> <httpModules> <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </httpModules> <httpHandlers> <remove verb="*" path="*.asmx"/> <add path="UrlRouting.axd" verb="*" type="System.Web.HttpForbiddenHandler, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" validate="false"/> </httpHandlers> <system.webServer> <modules> <remove name="ScriptModule"/> <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </modules> <handlers> <add name="UrlRoutingHandler" preCondition="integratedMode" verb="*" path="UrlRouting.axd" type="System.Web.HttpForbiddenHandler, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/> </handlers>and my Global.asax looks like:
<%@ Application Language="VB" Inherits="System.Web.HttpApplication" %> <%@ Import Namespace="System.Web.Routing" %> <%@ Import Namespace="System.Web.MVC" %> <script RunAt="server"> Private Sub RegisterRoutes(ByVal routes As System.Web.Routing.RouteCollection) routes.IgnoreRoute("{resource}.axd/{*pathInfo}") routes.IgnoreRoute("BackOffice/{*pathInfo}") routes.IgnoreRoute("Default.aspx") routes.IgnoreRoute("Content") routes.Add("Schedule", New Route("schedule", New WebFormRouteHandler("~/RoutingPages/schedule.aspx"))) routes.Add("Charts", New Route("charts", New WebFormRouteHandler("~/RoutingPages/charts.aspx"))) routes.Add("Standings", New Route("standings", New WebFormRouteHandler("~/RoutingPages/standings.aspx"))) routes.Add("DEFAULT", New Route("{Name}", New WebFormRouteHandler("~/RoutingPages/page.aspx"))) ' Add some named handlers End Sub Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs) ' Code that runs on application startup RegisterRoutes(RouteTable.Routes) End SubMembership routeing
Eilon
Contributor
5753 Points
976 Posts
Microsoft
Re: URL Routing with Membership API
Oct 03, 2009 02:15 AM|LINK
Hi there,
Using Routing definitely shouldn't affect how membership works. In general Routing doesn't affect how any other ASP.NET features work (though there are certainly a few exceptions).
Which WebFormRouteHandler are you using? I think there are a few prototype versions floating around the web right now and I'd like to make sure I investigate using the same version as the one you're using. I'll also verify whether this works in ASP.NET 4, where WebForm routing is a built-in feature.
Thanks,
Eilon
rcmacdon
Member
5 Points
4 Posts
Re: URL Routing with Membership API
Oct 03, 2009 01:18 PM|LINK
Hi Eilon,
I appreciate the response. I am using one that I got from Chris Cavanagh's blog site: http://chriscavanagh.wordpress.com/2009/01/20/aspnet-routing-in-vbnet/ I got it several months back now and have used it successfully on public portions of non-secure sites. Now working on a dynamic site that required authentication on parts of the public interface.
There are three files:
RoutablePage.vb:
Imports Microsoft.VisualBasic Imports System.Web.Routing Public Interface IRoutablePage ' Properties Property RequestContext() As RequestContext End Interface Public Class RoutablePage Inherits System.Web.UI.Page Implements IRoutablePage ' Fields Protected _requestContext As RequestContext ' Methods Public Function ActionLink(ByVal url As String) As String Return Me.ActionLink(url, url) End Function Protected Function ActionLink(ByVal url As String, ByVal [text] As String) As String Return String.Format("<a href=""{0}"">{1}</a>", url, [text]) End Function Public Function GetVirtualPath(ByVal values As Object) As String Return Me.GetVirtualPath(Nothing, values) End Function Public Function GetVirtualPath(ByVal routeName As String, ByVal values As Object) As String If (Me.RequestContext Is Nothing) Then Return Nothing End If Return RouteTable.Routes.GetVirtualPath(Me.RequestContext, routeName, New RouteValueDictionary(values)).VirtualPath End Function Protected Function RouteValue(ByVal key As String) As Object Return Me.RequestContext.RouteData.Values.Item(key) End Function ' Properties Public ReadOnly Property BaseUrl() As String Get Return (MyBase.Request.Url.GetLeftPart(1) & VirtualPathUtility.ToAbsolute("~/")) End Get End Property Public Property RequestContext() As RequestContext Implements IRoutablePage.RequestContext Set(ByVal value As RequestContext) _requestContext = value End Set Get Return _requestContext End Get End Property Private Sub Page_PreInit(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.PreInit 'Set Customized Connection String 'SessionExpressionBuilders.SessionConnectionStringsExpressionBuilder.AddSettings("dbConn", GlobalSettings.Vars.GetValue.dbConn) 'Me.Page.Theme = LeagueSettings.Vars.GetValue.Theme End Sub End Classand
RoutingHandler.vb
and lastly WebFormRouteHandler.vb
Imports Microsoft.VisualBasic Imports System.Web.Routing Imports System.Security Imports System.Web.Compilation Public Class WebFormRouteHandler Implements IRouteHandler Public VirtualPath As String Public CheckPhysicalUrlAccess As Boolean ' Methods Public Sub New(ByVal virtualPath As String) Me.New(virtualPath, True) End Sub Public Sub New(ByVal virtualPath As String, ByVal checkPhysicalUrlAccess As Boolean) Me.VirtualPath = virtualPath Me.CheckPhysicalUrlAccess = checkPhysicalUrlAccess End Sub Public Function GetHttpHandler(ByVal requestContext As RequestContext) As IHttpHandler Implements IRouteHandler.GetHttpHandler 'If (Me.CheckPhysicalUrlAccess AndAlso Not UrlAuthorizationModule.CheckUrlAccessForPrincipal(Me.VirtualPath, requestContext.HttpContext.User, requestContext.HttpContext.Request.HttpMethod)) Then 'Throw New SecurityException 'End If Dim page As IHttpHandler = TryCast(BuildManager.CreateInstanceFromVirtualPath(Me.VirtualPath, GetType(Page)), IHttpHandler) If (Not page Is Nothing) Then Dim routablePage As IRoutablePage = TryCast(page, IRoutablePage) If (Not routablePage Is Nothing) Then routablePage.RequestContext = requestContext End If End If Return page End Function End ClassThanks in Advance
Clint
rcmacdon
Member
5 Points
4 Posts
Re: URL Routing with Membership API
Oct 03, 2009 03:01 PM|LINK
Further information....in the WebFormRouteHandler file I have commented out the lines:
If (Me.CheckPhysicalUrlAccess AndAlso Not UrlAuthorizationModule.CheckUrlAccessForPrincipal(Me.VirtualPath, UserName, requestContext.HttpContext.Request.HttpMethod)) Then Throw New SecurityException End Ifbecause if the user is NOT logged in, it throws "Value cannot be null" exception on the Principal.iPrincipal User parameter? So this does not work for anonymous users with this not commented out.
So i put this in a "Try" block to see if it would work and low and behold, it still thinks it is null, even if I am logged in.
Wierd,
KeFang Chen ...
Star
8329 Points
852 Posts
Re: URL Routing with Membership API
Oct 05, 2009 05:53 AM|LINK
Hi,
It seems that you are mixing MVC and Webform. If it is, I don't think it's a good idea. There is a project named 'MovieApp' which indlueds how to login and register in ASP.NET website. In addtion, the project also use membership for account management. You can get it from the following link.
http://download.microsoft.com/download/7/2/8/728F8794-E59A-4D18-9A56-7AD2DB05BD9D/MovieApp_CS.zip
JimmyZ
Member
2 Points
2 Posts
Re: URL Routing with Membership API
Jan 31, 2010 08:29 PM|LINK
Hi,
I had the same problem when publishing my site to IIS7.
It is important to include the runAllManagedModulesForAllRequests attribute in the web.config. Microsoft has a good article called "Routing with ASP.NET Web Forms" (http://msdn.microsoft.com/en-us/magazine/dd347546.aspx).
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
Good luck.
-Jim