I've a site in which .zip and .pdf downloads are served up only to logged-in members. The way I initially implemented this caused HitBox to not be able to track downloads from the site. What I needed was a way to have the links on the pages point directly
to the downloadable files, but redirect to login if not logged in.
I first tried passing requests for these file types in IIS to the aspnet_isapi.dll but because I am not using Forms Authentication but a custom class utilizing sessionstate, the app had no way of knowing if a user was logged in.
So, handling requests for these file types sounded like a use for an HttpHandler, and it all works fine except for the authentication. I am inheriting the class that performs the authentication into the Handler, and despite my having Implementing IRequiresSessionState
as well, it doesn't appear to be able to use the Profile Session objects the same way it would from an aspx page. The CWebUIPage_Authenticate class inherits
System.Web.UI.Page so I'm wondering if this could be a problem, and if so, if there's a workaround I could use.
Public
Class securedDocHandler :
Inherits CWebUIPage_Authenticate :
Implements IHttpHandler, IRequiresSessionState
Inheriting this class required me to declare ProcessRequest using Overrides. Not sure if that's relevant.
Please let me know if I'm way off with this approach and if you've suggestions. Thank you
Member
30 Points
40 Posts
httpHandler inheriting SessionState IsLoggedIn check
Apr 24, 2007 05:27 AM|dunebuggy|LINK
I've a site in which .zip and .pdf downloads are served up only to logged-in members. The way I initially implemented this caused HitBox to not be able to track downloads from the site. What I needed was a way to have the links on the pages point directly to the downloadable files, but redirect to login if not logged in.
I first tried passing requests for these file types in IIS to the aspnet_isapi.dll but because I am not using Forms Authentication but a custom class utilizing sessionstate, the app had no way of knowing if a user was logged in.
So, handling requests for these file types sounded like a use for an HttpHandler, and it all works fine except for the authentication. I am inheriting the class that performs the authentication into the Handler, and despite my having Implementing IRequiresSessionState as well, it doesn't appear to be able to use the Profile Session objects the same way it would from an aspx page. The CWebUIPage_Authenticate class inherits System.Web.UI.Page so I'm wondering if this could be a problem, and if so, if there's a workaround I could use.
Public
Class securedDocHandler : Inherits CWebUIPage_Authenticate : Implements IHttpHandler, IRequiresSessionStateInheriting this class required me to declare ProcessRequest using Overrides. Not sure if that's relevant.
Please let me know if I'm way off with this approach and if you've suggestions. Thank you
Member
50 Points
38 Posts
Re: httpHandler inheriting SessionState IsLoggedIn check
Apr 27, 2007 10:20 AM|vadivelkumar|LINK