Beispiel #1
0
        /// <summary>
        /// Process this request by evaluating it appropriately.
        /// </summary>
        /// <param name="source">The source of the event.</param>
        /// <param name="e">EventArgs passed in.</param>
        private void Application_ProcessRequest(Object source, EventArgs e)
        {
            // Cast the source as an HttpApplication instance.
            HttpApplication Context = source as HttpApplication;

            if (Context != null)
            {
                // Retrieve the settings from application state.
                Settings Settings = (Settings)Context.Application["Settings"];

                // Call the BeforeEvaluateRequest event and check if a subscriber indicated to cancel the
                // evaluation of the current request.
                EvaluateRequestEventArgs Args = new EvaluateRequestEventArgs(Context, Settings);
                OnBeforeEvaluateRequest(Args);

                if (!Args.CancelEvaluation)
                {
                    // Evaluate the response against the settings.
                    SecurityType Secure = RequestEvaluator.Evaluate(Context.Request, Settings, false);

                    // Take appropriate action.
                    if (Secure == SecurityType.Secure)
                    {
                        SslHelper.RequestSecurePage(Settings);
                    }
                    else if (Secure == SecurityType.Insecure)
                    {
                        SslHelper.RequestUnsecurePage(Settings);
                    }
                }
            }
        }
Beispiel #2
0
        /// <summary>
        /// Raises the EvaluateRequest event and returns any result for the expected security.
        /// </summary>
        /// <param name="context"></param>
        /// <returns></returns>
        protected RequestSecurity?EvaluatorCallback(HttpContextBase context)
        {
            Logger.Log("Raising the EvaluateRequest event.", Logger.LogLevel.Info);
            var eventArgs = new EvaluateRequestEventArgs(context, _settings);

            InvokeEvaluateRequest(eventArgs);

            return(eventArgs.ExpectedSecurity);
        }
Beispiel #3
0
        /// <summary>
        /// Raises the EvaluateRequest event.
        /// </summary>
        /// <param name="args">The EvaluateRequestEventArgs used by any event handler(s).</param>
        private void InvokeEvaluateRequest(EvaluateRequestEventArgs args)
        {
            var handler = EvaluateRequest;

            if (handler != null)
            {
                handler(this, args);
            }
        }
Beispiel #4
0
        //private void Application_BeginRequest(object sender, EventArgs e) {
        //    HttpApplication Context = sender as HttpApplication;
        //    if (Context != null) {
        //        if (IsCookielessSessionUsed(Context)) {
        //            // This ensures that the session ID is available for cookie-less session processing.
        //            Context.AcquireRequestState += new EventHandler(Application_ProcessRequest);
        //        } else {
        //            // Process the request here.
        //            Application_ProcessRequest(sender, e);
        //        }
        //    }
        //}

        ///// <summary>
        ///// Determines if cookie-less sessions are being used.
        ///// </summary>
        ///// <param name="context">The HttpApplication this module is bound to.</param>
        ///// <returns></returns>
        //protected bool IsCookielessSessionUsed(HttpApplication context) {
        //    string VirtualPath = context.Request.Path;
        //    string ModifiedPath = context.Response.ApplyAppPathModifier(VirtualPath);
        //    return !ModifiedPath.Equals(VirtualPath);
        //}

        /// <summary>
        /// Raises the BeforeEvaluateRequest event.
        /// </summary>
        /// <param name="e">The EvaluateRequestEventArgs used for the event.</param>
        protected void OnBeforeEvaluateRequest(EvaluateRequestEventArgs e)
        {
            // Raise the event.
            BeforeEvaluateRequestEventHandler Handler = BeforeEvaluateRequest;

            if (Handler != null)
            {
                Handler(this, e);
            }
        }
        protected void SecuritySwitch_EvaluateRequest(object sender, EvaluateRequestEventArgs e)
        {
            // Decide whether or not to let the SecuritySwitch module evaluate this request.

            // In this case, we are overriding the module's evaluation of this request if there is a query string value of "yes" for the "ignoreSecurity" parameter.
            // * The ignoreSecurity query string parameter is randomly set for pages under the Cms site map area.
            var ignoreSecurityParamValue = Request.QueryString["ignoreSecurity"];
            if (!string.IsNullOrEmpty(ignoreSecurityParamValue) &&
                ignoreSecurityParamValue.Equals("yes", StringComparison.OrdinalIgnoreCase)) {
                e.ExpectedSecurity = RequestSecurity.Ignore;
            }
        }
Beispiel #6
0
        protected void SecuritySwitch_EvaluateRequest(object sender, EvaluateRequestEventArgs e)
        {
            var pageElements = e.Context.Items["pageElements"] as Hashtable;

            if (pageElements != null && e.Settings.Mode != Mode.Off)
            {
                e.ExpectedSecurity = Convert.ToString(pageElements["forceHttps"]) == "1" ? RequestSecurity.Secure : RequestSecurity.Insecure;
            }
            //else
            //{
            //    e.ExpectedSecurity = RequestSecurity.Insecure;
            //}
        }
Beispiel #7
0
        /// <summary>
        /// Process this request by evaluating it appropriately.
        /// </summary>
        /// <param name="source">The source of the event.</param>
        /// <param name="e">EventArgs passed in.</param>
        private void Application_ProcessRequest(Object source, EventArgs e)
        {
            // Cast the source as an HttpApplication instance.
            HttpApplication Context = source as HttpApplication;

            DebugHelper.OutputIf(Context == null, "No context to process!");
            if (Context != null)
            {
                // Retrieve the settings from application state.
                Settings Settings = (Settings)Context.Application["Settings"];
                DebugHelper.Output(Settings != null ? "Settings retrieved from application cache." : "Settings not found in application cache!");

                // Call the BeforeEvaluateRequest event and check if a subscriber indicated to cancel the
                // evaluation of the current request.
                EvaluateRequestEventArgs Args = new EvaluateRequestEventArgs(Context, Settings);
                DebugHelper.Output("BeforeEvaluateRequest event about to fire.");
                OnBeforeEvaluateRequest(Args);
                DebugHelper.Output("BeforeEvaluateRequest event fired and returned.");

                DebugHelper.OutputIf(Args.CancelEvaluation, "Evaluation was canceled by a user event handler.");
                if (!Args.CancelEvaluation)
                {
                    // Evaluate the response against the settings.
                    SecurityType Secure = RequestEvaluator.Evaluate(Context.Request, Settings, false);

                    // Take appropriate action.
                    DebugHelper.OutputIf(Secure == SecurityType.Ignore, "Ignoring request.");
                    if (Secure == SecurityType.Secure)
                    {
                        SslHelper.RequestSecurePage(Settings);
                    }
                    else if (Secure == SecurityType.Insecure)
                    {
                        SslHelper.RequestUnsecurePage(Settings);
                    }
                }
            }
        }
		/// <summary>
		/// Process this request by evaluating it appropriately.
		/// </summary>
		/// <param name="source">The source of the event.</param>
		/// <param name="e">EventArgs passed in.</param>
		private void Application_ProcessRequest(Object source, EventArgs e) {
			// Cast the source as an HttpApplication instance.
			HttpApplication Context = source as HttpApplication;
			if (Context != null) {
				// Retrieve the settings from application state.
				Settings Settings = (Settings)Context.Application["Settings"];

				// Call the BeforeEvaluateRequest event and check if a subscriber indicated to cancel the 
				// evaluation of the current request.
				EvaluateRequestEventArgs Args = new EvaluateRequestEventArgs(Context, Settings);
				OnBeforeEvaluateRequest(Args);

				if (!Args.CancelEvaluation) {
					// Evaluate the response against the settings.
					SecurityType Secure = RequestEvaluator.Evaluate(Context.Request, Settings, false);

					// Take appropriate action.
					if (Secure == SecurityType.Secure)
						SslHelper.RequestSecurePage(Settings);
					else if (Secure == SecurityType.Insecure)
						SslHelper.RequestUnsecurePage(Settings);
				}
			}
		}
 /// <summary>
 /// Raises the EvaluateRequest event.
 /// </summary>
 /// <param name="args">The EvaluateRequestEventArgs used by any event handler(s).</param>
 private void InvokeEvaluateRequest(EvaluateRequestEventArgs args)
 {
     var handler = EvaluateRequest;
     if (handler != null) {
         handler(this, args);
     }
 }
        /// <summary>
        /// Raises the EvaluateRequest event and returns any result for the expected security.
        /// </summary>
        /// <param name="context"></param>
        /// <returns></returns>
        protected RequestSecurity? EvaluatorCallback(HttpContextBase context)
        {
            Logger.Log("Raising the EvaluateRequest event.", Logger.LogLevel.Info);
            var eventArgs = new EvaluateRequestEventArgs(context, _settings);
            InvokeEvaluateRequest(eventArgs);

            return eventArgs.ExpectedSecurity;
        }
		//private void Application_BeginRequest(object sender, EventArgs e) {
		//    HttpApplication Context = sender as HttpApplication;
		//    if (Context != null) {
		//        if (IsCookielessSessionUsed(Context)) {
		//            // This ensures that the session ID is available for cookie-less session processing.
		//            Context.AcquireRequestState += new EventHandler(Application_ProcessRequest);
		//        } else {
		//            // Process the request here.
		//            Application_ProcessRequest(sender, e);
		//        }
		//    }
		//}

		///// <summary>
		///// Determines if cookie-less sessions are being used.
		///// </summary>
		///// <param name="context">The HttpApplication this module is bound to.</param>
		///// <returns></returns>
		//protected bool IsCookielessSessionUsed(HttpApplication context) {
		//    string VirtualPath = context.Request.Path;
		//    string ModifiedPath = context.Response.ApplyAppPathModifier(VirtualPath);
		//    return !ModifiedPath.Equals(VirtualPath);
		//}
		
		/// <summary>
		/// Raises the BeforeEvaluateRequest event.
		/// </summary>
		/// <param name="e">The EvaluateRequestEventArgs used for the event.</param>
		protected void OnBeforeEvaluateRequest(EvaluateRequestEventArgs e) {
			// Raise the event.
			BeforeEvaluateRequestEventHandler Handler = BeforeEvaluateRequest;
			if (Handler != null)
				Handler(this, e);
		}
		/// <summary>
		/// Process this request by evaluating it appropriately.
		/// </summary>
		/// <param name="source">The source of the event.</param>
		/// <param name="e">EventArgs passed in.</param>
		private void Application_ProcessRequest(Object source, EventArgs e) {
			// Cast the source as an HttpApplication instance.
			HttpApplication Context = source as HttpApplication;
			DebugHelper.OutputIf(Context == null, "No context to process!");
			if (Context != null) {
				// Retrieve the settings from application state.
				Settings Settings = (Settings)Context.Application["Settings"];
				DebugHelper.Output(Settings != null ? "Settings retrieved from application cache." : "Settings not found in application cache!");

				// Call the BeforeEvaluateRequest event and check if a subscriber indicated to cancel the 
				// evaluation of the current request.
				EvaluateRequestEventArgs Args = new EvaluateRequestEventArgs(Context, Settings);
				DebugHelper.Output("BeforeEvaluateRequest event about to fire.");
				OnBeforeEvaluateRequest(Args);
				DebugHelper.Output("BeforeEvaluateRequest event fired and returned.");

				DebugHelper.OutputIf(Args.CancelEvaluation, "Evaluation was canceled by a user event handler.");
				if (!Args.CancelEvaluation) {
					// Evaluate the response against the settings.
					SecurityType Secure = RequestEvaluator.Evaluate(Context.Request, Settings, false);

					// Take appropriate action.
					DebugHelper.OutputIf(Secure == SecurityType.Ignore, "Ignoring request.");
					if (Secure == SecurityType.Secure) {
						SslHelper.RequestSecurePage(Settings);
					} else if (Secure == SecurityType.Insecure) {
						SslHelper.RequestUnsecurePage(Settings);
					}
				}
			}
		}