Last post Jul 01, 2008 01:53 PM by awilinsk
Jun 30, 2008 12:26 PM|awilinsk|LINK
I need to write an HTTP Module to log requests coming into the server. I need to figure out if a user is authorized to view the URL they requested. I also need to record if the user is authenticated, their username, there host address and host name and the
path they are requesting. Where is the best place to implement this to get all the required information (BeginRequest, AuthorizeRequest, PostAuthorizeRequest, EndRequest, etc). Also how would I tell if the user is authorized to view that url? Thanks in advance.
Jun 30, 2008 05:00 PM|docluv|LINK
I would say the PostAuthenticate the request. But you could always setup a handler that fires an event handler for each of the life cycle events. Then set a breakpoint and examine if you have all of the values you need.
Jul 01, 2008 07:52 AM|awilinsk|LINK
If someone is not authorized to view a resource, will the rest of the events still fire or will they end after the user failed authorization?
Jul 01, 2008 01:53 PM|awilinsk|LINK
It looks like the EndRequest event fires always, so I hooked up the PostAuthenticate event and set a member variable to true and in the EndRequest event I write me record to SQL Server. I don't think this is the best way to do this for performance so I think
I'm going to write my own HealthMonitoring event and HttpModule to raise those events.