HttpHandler implements a function similar to the ISAPI extention, which handles request information and sends a response (Response). The implementation of the HttpHandler function is achieved by implementing the IHttpHandler interface. The HttpModule implements a function similar to the ISAPI filter.
The realization of HttpModule
HttpModules implements a function similar to ISAPI filter, which usually takes the following steps in development:
1. Write a class that implements the IHttpModule interface
2. Implement the Init method, and register the required methods
3. How to Implement Registration
4. Implement the Dispose method, if you need to do some cleanup work for the class manually, you can add the implementation of the Dispose method, but this is not required, and you can usually add no code to the Dispose method.
5. In the Web. config file, register the class you wrote
The following is an example of a httpmodules that, in this example, simply registers the HttpApplication beginrequest and endrequest events and prints the relevant information through the implementation of these events.
[C-sharp]View Plaincopy
- Example 1:
- Using System;
- Using System.Web;
- Namespace MyModule
- {
- public class Mymodule:ihttpmodule
- {
- public void Init (HttpApplication application)
- {
- Application. BeginRequest + = (new
- EventHandler (This. Application_BeginRequest));
- Application. EndRequest + = (new
- EventHandler (This. Application_EndRequest));
- }
- private void Application_BeginRequest (Object source, EventArgs e)
- {
- HttpApplication application = (HttpApplication) source;
- HttpResponse Response=application.context.response;
- Response.Write ("
- }
- private void Application_EndRequest (Object source, EventArgs e)
- {
- HttpApplication application = (HttpApplication) source;
- HttpResponse Response=application.context.response;
- Response.Write ("
- }
- public void Dispose ()
- {
- }
- }
- }
The beginning of the program refers to the following namespaces:
Using system;using system.web; |
Because classes such as HttpApplication, HttpContext, HttpResponse, and so on are defined in System.Web, the System.Web namespace must be referenced.
The MyModule class implements the IHttpModule interface. In the Init method, the methods for implementing BeginRequest and EndRequest events are indicated. In both of these methods, you simply print some information separately.
Below, register this class in the Web. config file, you can use this HttpModule, the method of registration is as follows:
[C-sharp]View Plaincopy
- <configuration>
- <system.web>
-
- <add name="MyModule" type="MyModule, MyModule"/>
-
- </system.web>
- </configuration>
Now take a look at the effect. Write an ASPX page test.aspx, which reads as follows:
[C-sharp]View Plaincopy
- <%
- Response.Write ("
- %>
After running the interface:
In-depth study of HttpModule
HttpModule affects the HTTP processing pipeline by handling a series of events on the HttpApplication object, which is registered in the HttpModule init method, including:
Beginrequestauthenticaterequestauthorizerequestresolverequestcacheacquirerequeststateprerequesthandlerexecutepostrequesth Andlerexecutereleaserequeststateupdaterequestcacheendrequest |
Some of these events correspond to the events in Global.asax, and the corresponding relationships are as follows:
HttpModule |
Global.asax |
BeginRequest |
Application_BeginRequest |
AuthenticateRequest |
Application_AuthenticateRequest |
EndRequest |
Application_EndRequest |
In Example 1, the beginrequest and endrequest events are handled, and the other events are handled basically similarly.
In correspondence with HttpHandler, some of these events occur before HttpHandler and some occur after the HttpHandler has been processed. It is important to understand the order in which events occur, because the server-side objects behave differently over different time periods. One example is the use of the session. Not all events can be processed in a session, but only in a limited number of events. The detailed procedure can refer to the following HTTP request processing life cycle diagram.
Using HttpModule to implement a permission system
When we develop the application system, the permission control of the application system is a very important part. In ASP, it is troublesome to control the permissions, because we must add the permission control code in each ASP page that needs control permission, thus controlling the customer's access to the page. This brings the problem, in addition to writing a large number of duplicate code, because the rights control part and the business processing part of the module tightly coupled, the rights control module modification, often brings a lot of modification work, and even caused a lot of bugs.
Therefore, we now need to decouple the privilege control and the business processing module so that two parts can be independently developed and modified without affecting each other, or minimizing the impact. In the JSP program, this can be achieved by introducing a front-end controller to implement the permission filtering (for the front-end controller mode, you can see the "Java EE Core mode book"). In ASP. NET, we can use HttpModule to achieve the same effect. Here's a look at the implementation process.
First, we will build a privilege processing system, can detect a user to a module function has access (concrete structure, I think, the reader should be exposed to this part of the programming, so no longer repeat), wherein the exposure to the client calls the definition of the right check class is as follows:
[C-sharp]View Plaincopy
- Public class Rightchecker
- {
- public static bool Hasright (User user,module Module)
- {
- //Perform permission checks,
- }
- }
Then we use HttpModule to write a filter:
[C-sharp]View Plaincopy
- Using System;
- Using System.Web;
- Namespace MyModule
- {
- public class Mymodule:ihttpmodule
- {
- public void Init (HttpApplication application)
- {
- Application. AcquireRequestState + = (new
- EventHandler (This. Application_acquirerequeststate));
- }
- private void Application_acquirerequeststate (Object source,
- EventArgs e)
- {
- HttpApplication application = (HttpApplication) source;
- User user=application.context.sesseion["user"] //Get user
- string Url=application.context.request.path;
- Get a page for a customer visit
- Module module= //To get the modules that are located by URL
- If (! Rightchecker.hasright (User,module))
- Application.Context.Server.Transfer ("errorpage.aspx");
- If you do not have permissions, boot to the error-handling page
- }
- public void Dispose ()
- {
- }
- }
- }
Using this class as described earlier, after registering in Web. config, our application system has the function of rights management. How much better than the original way?
Conclusion
In. NET, Microsoft has greatly simplified the programming of the server extension which has the higher difficulty, it is very convenient for us to develop, it is worth our thorough research to this technology.
Asp. HttpModule of custom HTTP processing and application in net