locked
How to run a block of code (that uses session variables) on every http request from browser RRS feed

  • 問題

  • Hi,

     

    In my ASP.Net application, I have my business logic written in a DLL that is accessed by the Presentation tier(aspx pages). I have saved the user roles and his other security related information in the user's Session. I want that after a user is logged, On every subsequent http request from the browser, a BLOCK OF CODE should read the Session variables and add them to the current Thread, so that when the aspx page calls the business-logic DLL, the DLL can extract the security information of the user and work accordingly.
    I was trying to write that BLOCK OF CODE in Application_AuthenticateRequest event handler in the Global.asax but later realized that the Session variables are NOT available in that.

    I do not want to embed user security information in the Forms Authentication Ticket because this information may be too big and shall consume much network traffic.

    Can someone suggest, where should I write that BLOCK OF CODE, which gets executed on every incoming request from the browser and also use Session variables.

     

    Thanks in advance,

    2009年1月6日 上午 07:13

解答

  • Hello,

    You can try to use Session in Application_AcquireRequestState or Application_PreRequestHandlerExecute.

    e.g
     private void Application_AcquireRequestState(object sender, EventArgs e)
        {
            System.Web.HttpApplication App = ((HttpApplication)sender);
            if (App.Context.Session == null) return;    

        }
        private void Application_PreRequestHandlerExecute(object sender, EventArgs e)
        {
            System.Web.HttpApplication App = ((HttpApplication)sender);
            if (App.Context.Session == null) return;
        }
    2009年1月7日 上午 08:53