In a 2012 essay recording, you can learn how to customize the HttpModule, and the specific code for the requirements development may not be able to get everyone to understand what can be quickly scanned.
1 usingSystem;2 usingsystem.web;3 4 usingSystem.Configuration;5 usingSystem.Web.Configuration;6 usingMicrosoft.SharePoint;7 usingSystem.Net;8 usingSystem.Security.Principal;9 Ten namespacewebapplication1.eventhandlers One { A /// <summary> - ///implement URL redirection under Windows Authentication, such as: - ///1, not logged in users, do not pop windows certification window, but jump back to the SSO site; the ///2, support the SharePoint anonymous site, temporarily does not support the document library or the list library disconnects anonymous access after inheritance - /// </summary> - Public classSsoredirect:ihttpmodule - { + Public voidDispose () - { + //throw new NotImplementedException (); A } at - Public voidInit (HttpApplication context) - { -Context. AuthenticateRequest + =NewEventHandler (context_authenticaterequest); - } - in /// <summary> - ///This event is raised when the ASP. NET runtime prepares to authenticate the user to /// </summary> + /// <param name= "Sender" ></param> - /// <param name= "E" ></param> the Internal voidContext_authenticaterequest (Objectsender, EventArgs e) * { $ TryPanax Notoginseng { - //Ignore postback's request theHttpContext context =HttpContext.Current; + if(Context = =NULL|| Context. Request.HttpMethod.ToUpper () = ="POST") A { the return; + } - $ if(Iswindowsauth ()) $ { - stringurl = context. Request.Url.AbsolutePath.ToString (). ToLower ();//"/" - stringFullUrl = context. Request.Url.OriginalString.ToString (). ToLower ();//"http://yxjt.contoso.com: 80/" the - stringStrssourl ="/test/default.aspx";//configurationmanager.appsettings["Ssourl"];Wuyi if(!string. IsNullOrEmpty (Strssourl)) the { - if(URL.) IndexOf (Strssourl.tolower ()) = =-1) Wu { - if(! Isanonymous (FullUrl))//is a page that is not anonymously accessed About { $ if(!context. request.isauthenticated && isvalidurl (URL))//is not a logged-on user, and is a valid address to be validated - { - context. Response.Redirect (Strssourl); - } A } + } the } - } $ } the Catch(Exception ex) the { the the } - } in the /// <summary> the ///determine if Windows is certified About /// </summary> the /// <returns>whether Windows is certified</returns> the Private BOOLIswindowsauth () the { +Configuration C = webconfigurationmanager.openwebconfiguration ("/web.config"); -Authenticationsection auth = (authenticationsection) c.getsection ("system.web/authentication"); the returnAuth. Mode = =authenticationmode.windows;Bayi } the the /// <summary> - ///determine whether to allow anonymous access to the site - /// </summary> the /// <param name= "Requestfullurl" >The requested address, for example, "http://yxjt.contoso.com: 80/"</param> the /// <returns>is a site that allows anonymous access</returns> the Private BOOLIsanonymous (stringRequestfullurl) the { - BOOLIsanonymous =false; theRequestfullurl = Requestfullurl.split (New Char[] {'?'})[0]; the theSpsecurity.runwithelevatedprivileges (Delegate()94 { theSPSite site =NewSPSite (Requestfullurl);//do not use the using automatic garbage collection, otherwise throw exception theSPWeb Web = site. OpenWeb ();//Key Wording theIsanonymous =web. allowanonymousaccess;98 }); About returnisanonymous; - }101 102 /// <summary>103 ///determine if the address is valid104 /// </summary> the /// <param name= "Requesturl" >requested address, e.g. "/"</param>106 /// <returns>is a valid address</returns>107 Private BOOLIsvalidurl (stringRequesturl)108 {109 BOOLIsvalidurl =false; theRequesturl = Requesturl.split (New Char[] {'?'})[0];111 intindex = Requesturl.lastindexof ("."); the if(Index! =-1)//whether to include the. Number113 { theIsvalidurl = Requesturl.endswith (". aspx");//whether to end with. aspx URLs the } the Else117 {118Isvalidurl =true;119 } - returnIsvalidurl;121 }122 }123}
Custom HttpModule for users who are not logged in, do not eject Windows Authentication window, but jump back to the SSO site