Please help me .i m trying to athunticate user by Ihttpmodule. RSS

• • Reply
  

  sandipraj21

  Member

  224 Points

  99 Posts

  Please help me .i m trying to athunticate user by Ihttpmodule.

  Sep 07, 2011 06:05 AM|LINK

  my code is below.

  my login page is

  submit button

  if (dt.Rows.Count > 0)
              {
                  DataRow dr = dt.Rows[0];
                  string Status;
                  Status = "Active";
                  if (Status == dr[2].ToString())
                  {
                      string UserName = txtUserId.Text;
                      string password = txtpassword.Text;
                      if (UserName == dr[0].ToString() && password == dr[1].ToString())
                      {
                          Session["IsValid"] = true;  
                          Session["UserName"] = UserName;
                          string Role1 = "Admin";
                          string Role2 = "User";
                           Session["UserID"] = dr[3].ToString();
                              Session["Role"] = "2";
                              Response.Redirect("~/User/UserHome.aspx");
                         
  
                      }
                      else
                      {
                          lblmsg.Text = "Please check Username or Password.";
                      }
  
                  }
                  else
                  {
                      lblmsg.Text = "Your Account is Inactive";
                  }
  
              }

  my ihttpmodul interface class is Below.

   public class IhttpModule:IHttpModule
      {
          HttpApplication _httpApp;
          public IhttpModule()
          {
          }
  
          #region IHttpModule Members
  
          public void Dispose()
          {
             // throw new NotImplementedException();
          }
  
          public void Init(HttpApplication sender)
          {
  
              sender.PostAcquireRequestState += new EventHandler(PostAcquireRequireState);
              sender.PostAuthenticateRequest += new EventHandler(PostAuntheticateRequest);
  
          }
          protected void PostAcquireRequireState(Object sender, EventArgs e)
          {
              try
              {
                  HttpApplication ObjHttpAppl = (HttpApplication)sender;
                  HttpContext ObjHttpContext = (HttpContext)ObjHttpAppl.Context;
                  if (ObjHttpContext.Session != null)
                      if (ObjHttpContext.Session.Count > 0)
                      {
                          if (ObjHttpContext.Session["IsValid"] != null)
                          {
  
                              if (Convert.ToBoolean(ObjHttpContext.Session["IsValid"]) != true)
                              {
  
                                  AuthentiCatePage(ObjHttpAppl, ObjHttpContext);
  
                              }
                              else
                              {
                                 
                              }
  
                          }
                          else
                          {
                              
                          }
                         
  
  
                      }
                      else
                      {
                          if (ObjHttpContext.Request.RawUrl.ToLower().StartsWith(@"/admin") == true)
                          {
                              ObjHttpAppl.Response.Redirect("~/Admin/Login.aspx?", false);
                          }
                          
                          else if (ObjHttpContext.Request.RawUrl.ToLower().StartsWith(@"/") == true)
                          {
                              ObjHttpAppl.Response.Redirect("/Login.aspx?", false);
                          }
                      }
              }
              catch
              {
  
  
              }
          }
          protected void PostAuntheticateRequest(object sender, EventArgs e)
          {
  
          }
          protected void AuthentiCatePage(HttpApplication ObjHttpAppl, HttpContext ObjHttpContext)
          {
              
              if (ObjHttpContext.Request.RawUrl.ToLower().StartsWith(@"/Admin") == true)
              {
                  ObjHttpAppl.Response.Redirect("~/Admin/Login.aspx?", false);
                  ObjHttpAppl.CompleteRequest();
              }
              if (ObjHttpContext.Request.RawUrl.ToLower().StartsWith(@"/user") == true)
              {
                  ObjHttpAppl.Response.Redirect("/User/UserRegisterwithJavascript.aspx?", false);
                  ObjHttpAppl.CompleteRequest();
              }
              if (ObjHttpContext.Request.RawUrl.ToLower().StartsWith(@"~/") == true)
              {
                  if (ObjHttpContext.Request.RawUrl.ToLower().StartsWith(@"~/login.aspx?") == true)
                  {
                       ObjHttpContext.Session["IsValid"] = null;
  
                  }
                  ObjHttpAppl.Response.Redirect("~/Login.aspx?", false);
                  ObjHttpAppl.CompleteRequest();
  
              }
  
  
          }
  
          #endregion
      }

  here i m geting problem is  in ihttpmodule. postAcuirerequirestate methow is returning number of time.

• • Reply
  

  sandipraj21

  Member

  224 Points

  99 Posts

  Re: Please help me .i m trying to athunticate user by Ihttpmodule.

  Sep 07, 2011 11:53 AM|LINK

  i solved it myself. after spending 5 Hours.

  In this ihttpmodule there are 2 Roles for user and Admin there is different login page .and  kept in separate folder. Named  User and Admin. 

  In IhttpModule.cs write code.

   

  namespace OnlineShopping

  {

    public class IhttpModule:IHttpModule

    {

      HttpApplication _httpApp;

      public IhttpModule() {    }

      #region IHttpModule Members

      public void Dispose()   { // throw new NotImplementedException(); }

      public void Init(HttpApplication sender)

      {

        sender.PostAcquireRequestState +=

        new EventHandler(PostAcquireRequireState);

      }

      protected void PostAcquireRequireState(Object sender, EventArgs e)

      {

        _httpApp = (HttpApplication)sender;

        HttpContext ObjHttpContext = (HttpContext)_httpApp.Context;

        if (RequiresAuthenticationFrontEnd())

         {

          if (ObjHttpContext.Session != null)

            if (ObjHttpContext.Session.Count > 0)

               {

               if (Convert.ToBoolean(ObjHttpContext.Session["IsValid"]) !=

               true)

                  {

                  string[] frontAuthenticatePages = { @"/admin" };

                   if  

   

              (_httpApp.Context.Request.RawUrl.ToLower().StartsWith(@"/admin"))

                { foreach (string frontpage in frontAuthenticatePages)

                    {

                     if (_httpApp.Context.Request.RawUrl.ToLower().StartsWith(_httpApp.Context.Request.ApplicationPath.TrimEnd('/').ToLower() + frontpage))

                         {

                     _httpApp.Response.Redirect("/Admin/Login.aspx?", false);

                     _httpApp.CompleteRequest();

                          }

                    }

                }

                else

                {

                _httpApp.Response.Redirect("/Login.aspx?", false);

                _httpApp.CompleteRequest();

                 }

            }

            else { }

            }

         }

        else  { //not implemention }

   

      }

     private bool RequiresAuthenticationFrontEnd()

      {  /*if this name of pages then it will execute without validating.

         in “/user/userregisterwithjavascript” this user is folderName and

          userregisterwithjavascript is pagename. */

      string[] frontAuthenticatePages =

        { @"/user/userregisterwithjavascript","/login","/admin/login"};

             foreach (string frontpage in frontAuthenticatePages)

              {

                If

                  (_httpApp.Context.Request.RawUrl.ToLower().StartsWith

                  (_httpApp.Context.Request.ApplicationPath.TrimEnd('/')

                   .ToLower() + frontpage))

                  {return false; }

              }

      return true;

     }

     

          #endregion

    }

  }

   

  In Global.ascx file write

   

  protected void Session_Start(object sender, EventArgs e)

          {

              Session["IsValid"] = false;

          }

   

  In loginpage.cs

  protected void btnSubmit_Click(object sender, EventArgs e)

          {

   

              DataTable dt= UserBLL.SelectUserCheck(objuserEntity);

              if (dt.Rows.Count > 0)

              {

             if (UserName == dr[0].ToString() && password == dr[1].ToString())

                      {

                          Session["IsValid"] = true;

                         

                       Response.Redirect("~/User/UserHome.aspx");

                      }

                      else

                      {

                          lblmsg.Text = "Please check Username or Password.";

                      }

                  }

                  else

                  {

                      lblmsg.Text = "Your Account is Inactive";

                  }

              }

          }

  In Web Config file.    

  <httpModules>

    <add name="IhttpModule" type="OnlineShopping.IhttpModule"/>

    <add name="ScriptModule" type="System.Web.Handlers.ScriptModule,

     System.Web.Extensions, Version=3.5.0.0, Culture=neutral,

     PublicKeyToken=31BF3856AD364E35"/>

  </httpModules>

   

  Explaination :- type="OnlineShopping.IhttpModule"

  OnlineShopping is Namespace.

  IhttpModule is ClassName.

  • Marked as answer by sandipraj21 on Sep 07, 2011 11:53 AM