Research on Web Development Learning 6--httpapplication Pipeline

Through the research of asp.net design thought, we have an essential understanding of the HttpApplication pipeline. The so-called pipeline, in fact, is the production line, composed of a series of steps, and HttpContext, is the line on the processing of products. Now, let's take a further look at this production line.

First, look at the Applicationstepmanager.buildsteps method.

1, Validatepathexecutionstep: Responsible for the path of the request for security checks, prohibit illegal access to the path. In depth to the Execute method of the class we found that the class directly calls the Httpcontext.validatepath method, and the latter method throws the HttpException directly when it detects an illegal path.

2, Urlmappingsexecutionstep: Responsible for the web.config set in the <urlMappings> configuration section to apply, to map a URL to a new URL address. In depth the Execute method of the class we found that the class called the Httpcontext.rewritepath method to implement address rewriting when it detected the need for URL mapping.

3, raises the BeginRequest event: This step does not have anything to say, is the notice starts processing request. However, when I looked up which module subscribed to the event, I found that the event was Urlmappingsmodule subscribed and that the module handled exactly the same thing as Urlmappingsexecutionstep. I'm wondering, isn't it superfluous?

4, the initiation of AuthenticateRequest, Defaultauthenticaterequest, postauthenticaterequest events: responsible for the identity of the user to verify. To put it bluntly, is to determine the identity of the current requester, from the code level, is set the HttpContext user attribute.

A The AuthenticateRequest event is based on Web.config configuration and can be FormsAuthenticationModule, PassportAuthenticationModule, WindowsAuthenticationModule subscriptions, which correspond to different authentication methods for each of the 3.

b The Defaultauthenticaterequest event is a internal event that can be defaultauthenticationmodule subscribed to, When the module cannot determine the user's identity in the AuthenticateRequest event (that is, the HttpContext.User property is not set), a default user identity is given, ensuring that HttpContext.User is always non-empty in subsequent processing of the pipeline. However, after viewing the source code of the module, it was found that the module, when in IIS7.0 integrated pipeline mode, did not subscribe to the Defaultauthenticationrequest event, but instead subscribed to the Postauthenticaterequest event. It is estimated that in the integrated pipeline mode of IIS7.0, the module must be executed after the module of a subscription postauthenticaterequest, thereby hitting a patch bar.

c) Postauthenticaterequest events can be subscribed to by Anonymousidentificationmodule and RoleManagerModule. Anonymousidentificationmodule manages anonymous identifiers for applications that allow applications to be anonymously accessed and maintain session consistency. RoleManagerModule can determine the identity of the user.

5, the initiation of AuthorizeRequest, Postauthorizerequest events: After the 4th step to determine the identity of the user, the next is the issue of authorization. The user is judged to have permission to access the requested resource. After you pass this step, you confirm that the user has permission to access the requested resource.

A The AuthorizeRequest event can be FileAuthorizationModule, UrlAuthorizationModule subscribed, and used to determine whether the user has access to the specified file or URL.

b The Postauthorizerequest event is not subscribed by any module by default.

6, triggering Resolverequestcache, Postresolverequestcache events: This step is when output caching works. If the resource requested by the user is available directly from the output cache, then the subsequent steps are skipped to speed up processing and improve performance.

A The Resolverequestchche event can be OutputCacheModule subscribed, which provides output caching functionality.

b The Postresolverequestcache event is not subscribed by any module by default.