tags:

views:

655

answers:

2
Q: 

Exclude HttpModule from running for static content on IIS7

I have a problem with my Authentication HttpModule. The problem is that it obviously runs for every single request I get on my web server (IIS7). Because it also uses Session variable, it fails to work properly on CSS, JS files and similar.

I tried to use:

<add name="AuthModuleName" type="..." preCondition="managedHandler" />

but to no avail. It still runs on every request regardless of its extension or mime type. I should also add, there's a setting

<modules runAllManagedModulesForAllRequests="true">

that seemed suspicious to me and actually disabled preConditions on modules. But changing it to false, breaks the application in a completely different way and with a different exception (The SessionStateTempDataProvider requires SessionState to be enabled).

Can anybody help me how to force IIS7 to exclude my HttpModule when requests are made for static content files?

A: 

I don't know about an IIS7 setting for that but you can do this.

The session object will be available only for non-static content : 

void yourEventHandler(object sender, EventArgs e) {
    HttpApplication app = (HttpApplication)sender;
    if (app.Context.Session == null) {
        return;
    }
    // then your code here...
}

This will ensure your code won't be run for files like CSS, JS etc. But keep in mind the session object will also not be ready before PostAcquireRequestState event. (For the order of the HttpApplication events, see this page.)

Edit : Also, it appears with ASP.NET Development Server (though I know you said IIS7 in your question), your HttpModule will still run even for static files.

çağdaş  2009-07-21 03:39:18
Yes I'm handling Session stuff in PostAcquireRequestState... But I still think it's possible to exclude my module altogether... I have to make it work with "runAllManagedModulesForAllRequests=false" somehow. Because this one sets my module to run on EVERY request.
Robert Koritnik  2009-07-21 05:29:45
+1  A: 

runAllManagedModulesForAllRequests attribute has to be set to false to actually configure any module the way you want. You will have to also correctly reconfigure Session and others as needed, but the main thing is handlers pipeline execution order that handles requests.

The answer was provided in one of my other questions:

Thanks to Peter that provided the answer that worked correctly.

Robert Koritnik  2009-09-09 07:03:49

related questions

What's the best way to implement field validation using ASP.NET MVC?
How do I handle page flow in MVC (particularly asp.net)
Entity diagrams in ASP.NET MVC
How do I get rid of Home in ASP.Net MVC?
Can I generate ASP.NET MVC routes from a Sitemap?
ASP.NET Model-view-controller (MVC) - where do I start from?
user controls and asp.net mvc
ASP.Net MVC route mapping
RSS Feeds in ASP.NET MVC
Open Source Licensing Options for ASP.NET MVC Application?
Does the OutputCacheFilter in the Microsoft MVC Preview 4 actually save on action invocations?
MVC Learning Resources
Validating posted form data in the ASP.NET MVC framework
Best mock framework that can do both WebForms and MVC?
Use the routing engine for form submissions in ASP.NET MVC Preview 4
How do you get a custom id to render using HtmlHelper in MVC
MVC Preview 4 - No route in the route table matches the supplied values.
Is there a way to include a fragment identifier when using Asp.Net MVC ActionLink, RedirectToAction, etc. ?
In ASP.NET MVC I encounter an incorrect type error when rendering a user control with the correct typed object
ASP.NET MVC - Is it worth it yet?
Multiple languages in an ASP.NET MVC application?
Is it better to create Model classes, or just stick with generic database utility class?
ASP.NET MVC Without Visual Studio
ASP.NET MVC "CRUD" Database Sample
How to RedirectToAction in ASP.NET MVC without losing request data