Last post Apr 23, 2010 04:13 PM by nbhor
Apr 23, 2010 03:15 PM|nbhor|LINK
Hi we are developing a custom authentication module with custom user identity object. Web application also uses few custom controls which has embeded resources in it. Development machine has IIS7 running on it.
Authentication module is running fine and redirecting users to login page. On successful login, users are redirected back to returnurl.
Now problem is, on login page we are using custom header control with embeded image resources in it. So whenever control gets rendered, it returns WebResource.axd?querystring url for it. Page also reports syntax error, for these resources.
To me it looks like, authentication module is getting executed for these webresources and fails to load due to invalid authentication cookie.
If I disable custom authentication module, all webresources loads fine.
I had some luck suppressing authenitcation for local css and images by specifying following line with precondtion in web.config for http module.
<add name="UserAuthenticationModule" preCondition="managedHandler" type="User.Web.Security.Module" />
But I cant find any solution to suppress custom authentication for webresource.axd handlers.
I have tried few following approaches with no luck.
1. Adding following lines of code to web.config
2. Tried removing AssemblyResourceLoader-Integrated http handler and adding with empty precondition.
<add name="AssemblyResourceLoader-Integrated" preCondition="" verb="GET" path="WebResource.axd" type="System.Web.Handlers.AssemblyResourceLoader"/>
Any help is appreciated.
Thanks for looking :)
Apr 23, 2010 03:22 PM|anas|LINK
In the custom module and before handing the incoming request,add if statment and check the extension of the requested file.If it's an axd file, do nothing.
Apr 23, 2010 03:35 PM|nbhor|LINK
But is that the only way to handle this situation? There is no other possible approach (like changing web.config entries)? Thats the last resort I have in my list to resolve the issue.
I hate to do something like this
http://www.west-wind.com/weblog/posts/365690.aspx . I was going the comments section and thought may be there is something to resolve my issue
Apr 23, 2010 04:01 PM|anas|LINK
The HttpModule will intercept any request that is handled by ASP.NET runtime.And since the .axd is one of those files that are handled by the runtime, I think you will need to handle this case in your module code.
Apr 23, 2010 04:13 PM|nbhor|LINK
No problem. I will handle it in my code.
Thanks a lot for such a prompt reply.