Introduction to the application method of ASP.NET filter

In J2EE Web development, there is a filter filter. This filter can intercept the specified URL access and execute the filter method. According to the actual application situation, the requested code and session information can be modified in the filter, and the session information can also be modified. It can be used for permission control. In short, this filter is very meaningful. It can also be said to be an application of the chain of responsibility design pattern in J2EE.

So is it possible to define such a filter structure in ASP.NET and perform corresponding logical operations in the filter? The answer is yes, this article will tell you if you write a filter, how to configure it into an IIS web application.

Process 1: How to write a filter

Writing a filter is actually writing a filter class, that is, writing an HttpModule module. This filter should implement the IHttpModule base class and repeat Write the Init method and give you a practical example as follows:

This is a PageFilter.cs

using System;
using System.Web;
using System.Web.SessionState;
using System.Collections.Generic;
using System.Collections;
using System.Text;
using System.IO;
public class PageFilter: IHttpModule
{
        public String ModuleName
        {
            get { return "PageFilter"; }
        }
        //在 Init 方法中注册HttpApplication 
        // 通过委托方式注册事件
        public void Init(HttpApplication application)
        {
            application.AcquireRequestState += new EventHandler(Application_AcquireRequestState);            
        }
  private void Application_AcquireRequestState(Object source, EventArgs e)
        {
            HttpApplication application = (HttpApplication)source;
            HttpContext context = application.Context;
            HttpSessionState session = context.Session;
            HttpRequest request = context.Request;
            HttpResponse response = context.Response;
            String contextPath = request.ApplicationPath;
        }
}

It should be noted that "filter" can also be called "interceptor". That is, the process of intercepting the entire HTTP request/response, because the entire request/response process can be divided into many stages, then there will be a problem involved, that is, which specific stage your filter wants to intercept, the above Init In the function, you can define the specific stages you want to intercept. For example, the above interception is the stage where the request session is generated. AcquireRequestStat is the representative of this state, and the corresponding processing function after interception is Application_AcquireRequestState, so the following defines an Application_AcquireRequestState method. In this method You can obtain a series of objects such as application, context, session, request, and response through forced type conversion. Based on obtaining these objects, you can write core business logic, such as determining whether the current URL access is legal and checking Whether the current access is the access of the user after logging in, etc.

In addition, since the entire process of interception has many stages, how to intercept other stages? This should be very simple. Similar to the above, just define it according to the following logic in Init:

application.Standard name of the stage 1 += new EventHandler (name of the processing method corresponding to this stage 1);
application. The standard name of the stage 2 += new EventHandler (the corresponding processing method name of this stage 2);
. . .

The standard names of stages mean that these stages have standard names and are standard attributes of the application object, such as AcquireRequestState above, as well as BeginRequest, AuthenticateRequest, AuthorizeRequest, ResolveRequestCache, AcquireRequestState, PreRequestHandlerExecute, PostRequestHandlerExecute , ReleaseRequestState, UpdateRequestCache, EndRequest, many stages, etc. These stages have specific meanings.

The name of the processing method corresponding to this stage is actually your own definition of the method corresponding to this stage. There are examples above. , no more explanation.

Another point that needs special attention is that there are so many stages that can be intercepted, but in actual applications, we often only intercept one or two stages, and we should also note that some server objects can only be intercepted in specific stages. For example, the Session object does not exist in the BeginRequest stage, but does exist in the AcquireRequestState and subsequent stages. Therefore, specific stages must be intercepted according to actual needs. This is the most common problem for novices.

Process 2: How to configure filtering

We have written a filter for a .cs file, so how to make this filter work? This needs to be configured, and it will definitely not work by default. To intercept, you need to configure the filter into the application's Web.config file. The configuration of the above example is as follows:

<configuration>
<system.web>
 <httpModules>
   <add name="pageModule" type="PageFilter"/>
 </httpModules>
</system.web>
</configuration>

In this way, it is actually configured, and then you can publish the website to generate dll, etc. , URL access will be automatically intercepted after that time, but please remember that by default, all requests for the application will be intercepted. If you point to intercepting specific requests, for example, you want to intercept only requests for aspx files, then You can add the judgment of the file suffix name in the filter logic. If it is not aspx, just let it go.

For more related articles on the application methods of ASP.NET filters, please pay attention to the PHP Chinese website!