Processing Process for ASP. NET Runtime
In fact, every request in ASP. NET is verified and authorized. The process of verification and authorization is actually completed by triggering corresponding events.
Before describing a verification event, you must first clarify the process of receiving a request when ASP. NET is running.
Let's first describe the process so that everyone can have a general grasp: A request has arrived at ASP through IIS and ISAPI. NET pipeline, and then some transformation and packaging, and then ASP.. NET starts to process the request, and then performs authentication and authorization. Then, a series of processing operations are performed to determine what file the request is. aspx, and then start the lifecycle of the page, for example.
The order of the events triggered when processing the request is as follows:
BeginRequest: the first event triggered when processing ASP. NET requests.
AuthenticateRequest: Process Authentication
...
AuthorizeRequest: Process authorization
...
As you can see, in fact, in the process of request processing, identity authentication and authorization occurred very early. In addition, some authentication information, such as the user name and role, has been identified and filled after the two events are handled. The following is a diagram:
Generally, we want to control the request authentication and authorization by ourselves, so we can add our own code to the event processing of AuthenticateRequest and AuthorizeRequest. The above is the processing process for ASP. NET runtime.
- Introduction to ASP. NET Framework
- Introduction to ASP. NET Applications
- Processing Methods of ASP. NET framework
- Analysis on ASP. NET Security Architecture
- Overview ASP. net mvc and FubuMVC core framework