/// <summary>
/// Process this request by evaluating it appropriately.
/// </summary>
/// <param name="source">The source of the event.</param>
/// <param name="e">EventArgs passed in.</param>
private void Application_ProcessRequest(Object source, EventArgs e)
{
// Cast the source as an HttpApplication instance.
HttpApplication Context = source as HttpApplication;
if (Context != null)
{
// Retrieve the settings from application state.
Settings Settings = (Settings)Context.Application["Settings"];
// Call the BeforeEvaluateRequest event and check if a subscriber indicated to cancel the
// evaluation of the current request.
EvaluateRequestEventArgs Args = new EvaluateRequestEventArgs(Context, Settings);
OnBeforeEvaluateRequest(Args);
if (!Args.CancelEvaluation)
{
// Evaluate the response against the settings.
SecurityType Secure = RequestEvaluator.Evaluate(Context.Request, Settings, false);
// Take appropriate action.
if (Secure == SecurityType.Secure)
{
SslHelper.RequestSecurePage(Settings);
}
else if (Secure == SecurityType.Insecure)
{
SslHelper.RequestUnsecurePage(Settings);
}
}
}
}
/// <summary>
/// Raises the EvaluateRequest event and returns any result for the expected security.
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
protected RequestSecurity?EvaluatorCallback(HttpContextBase context)
{
Logger.Log("Raising the EvaluateRequest event.", Logger.LogLevel.Info);
var eventArgs = new EvaluateRequestEventArgs(context, _settings);
InvokeEvaluateRequest(eventArgs);
return(eventArgs.ExpectedSecurity);
}
/// <summary>
/// Raises the EvaluateRequest event.
/// </summary>
/// <param name="args">The EvaluateRequestEventArgs used by any event handler(s).</param>
private void InvokeEvaluateRequest(EvaluateRequestEventArgs args)
{
var handler = EvaluateRequest;
if (handler != null)
{
handler(this, args);
}
}
//private void Application_BeginRequest(object sender, EventArgs e) {
// HttpApplication Context = sender as HttpApplication;
// if (Context != null) {
// if (IsCookielessSessionUsed(Context)) {
// // This ensures that the session ID is available for cookie-less session processing.
// Context.AcquireRequestState += new EventHandler(Application_ProcessRequest);
// } else {
// // Process the request here.
// Application_ProcessRequest(sender, e);
// }
// }
//}
///// <summary>
///// Determines if cookie-less sessions are being used.
///// </summary>
///// <param name="context">The HttpApplication this module is bound to.</param>
///// <returns></returns>
//protected bool IsCookielessSessionUsed(HttpApplication context) {
// string VirtualPath = context.Request.Path;
// string ModifiedPath = context.Response.ApplyAppPathModifier(VirtualPath);
// return !ModifiedPath.Equals(VirtualPath);
//}
/// <summary>
/// Raises the BeforeEvaluateRequest event.
/// </summary>
/// <param name="e">The EvaluateRequestEventArgs used for the event.</param>
protected void OnBeforeEvaluateRequest(EvaluateRequestEventArgs e)
{
// Raise the event.
BeforeEvaluateRequestEventHandler Handler = BeforeEvaluateRequest;
if (Handler != null)
{
Handler(this, e);
}
}
protected void SecuritySwitch_EvaluateRequest(object sender, EvaluateRequestEventArgs e)
{
// Decide whether or not to let the SecuritySwitch module evaluate this request.
// In this case, we are overriding the module's evaluation of this request if there is a query string value of "yes" for the "ignoreSecurity" parameter.
// * The ignoreSecurity query string parameter is randomly set for pages under the Cms site map area.
var ignoreSecurityParamValue = Request.QueryString["ignoreSecurity"];
if (!string.IsNullOrEmpty(ignoreSecurityParamValue) &&
ignoreSecurityParamValue.Equals("yes", StringComparison.OrdinalIgnoreCase)) {
e.ExpectedSecurity = RequestSecurity.Ignore;
}
}
protected void SecuritySwitch_EvaluateRequest(object sender, EvaluateRequestEventArgs e)
{
var pageElements = e.Context.Items["pageElements"] as Hashtable;
if (pageElements != null && e.Settings.Mode != Mode.Off)
{
e.ExpectedSecurity = Convert.ToString(pageElements["forceHttps"]) == "1" ? RequestSecurity.Secure : RequestSecurity.Insecure;
}
//else
//{
// e.ExpectedSecurity = RequestSecurity.Insecure;
//}
}
/// <summary>
/// Process this request by evaluating it appropriately.
/// </summary>
/// <param name="source">The source of the event.</param>
/// <param name="e">EventArgs passed in.</param>
private void Application_ProcessRequest(Object source, EventArgs e)
{
// Cast the source as an HttpApplication instance.
HttpApplication Context = source as HttpApplication;
DebugHelper.OutputIf(Context == null, "No context to process!");
if (Context != null)
{
// Retrieve the settings from application state.
Settings Settings = (Settings)Context.Application["Settings"];
DebugHelper.Output(Settings != null ? "Settings retrieved from application cache." : "Settings not found in application cache!");
// Call the BeforeEvaluateRequest event and check if a subscriber indicated to cancel the
// evaluation of the current request.
EvaluateRequestEventArgs Args = new EvaluateRequestEventArgs(Context, Settings);
DebugHelper.Output("BeforeEvaluateRequest event about to fire.");
OnBeforeEvaluateRequest(Args);
DebugHelper.Output("BeforeEvaluateRequest event fired and returned.");
DebugHelper.OutputIf(Args.CancelEvaluation, "Evaluation was canceled by a user event handler.");
if (!Args.CancelEvaluation)
{
// Evaluate the response against the settings.
SecurityType Secure = RequestEvaluator.Evaluate(Context.Request, Settings, false);
// Take appropriate action.
DebugHelper.OutputIf(Secure == SecurityType.Ignore, "Ignoring request.");
if (Secure == SecurityType.Secure)
{
SslHelper.RequestSecurePage(Settings);
}
else if (Secure == SecurityType.Insecure)
{
SslHelper.RequestUnsecurePage(Settings);
}
}
}
}
/// <summary>
/// Process this request by evaluating it appropriately.
/// </summary>
/// <param name="source">The source of the event.</param>
/// <param name="e">EventArgs passed in.</param>
private void Application_ProcessRequest(Object source, EventArgs e) {
// Cast the source as an HttpApplication instance.
HttpApplication Context = source as HttpApplication;
if (Context != null) {
// Retrieve the settings from application state.
Settings Settings = (Settings)Context.Application["Settings"];
// Call the BeforeEvaluateRequest event and check if a subscriber indicated to cancel the
// evaluation of the current request.
EvaluateRequestEventArgs Args = new EvaluateRequestEventArgs(Context, Settings);
OnBeforeEvaluateRequest(Args);
if (!Args.CancelEvaluation) {
// Evaluate the response against the settings.
SecurityType Secure = RequestEvaluator.Evaluate(Context.Request, Settings, false);
// Take appropriate action.
if (Secure == SecurityType.Secure)
SslHelper.RequestSecurePage(Settings);
else if (Secure == SecurityType.Insecure)
SslHelper.RequestUnsecurePage(Settings);
}
}
}
/// <summary>
/// Raises the EvaluateRequest event.
/// </summary>
/// <param name="args">The EvaluateRequestEventArgs used by any event handler(s).</param>
private void InvokeEvaluateRequest(EvaluateRequestEventArgs args)
{
var handler = EvaluateRequest;
if (handler != null) {
handler(this, args);
}
}
/// <summary>
/// Raises the EvaluateRequest event and returns any result for the expected security.
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
protected RequestSecurity? EvaluatorCallback(HttpContextBase context)
{
Logger.Log("Raising the EvaluateRequest event.", Logger.LogLevel.Info);
var eventArgs = new EvaluateRequestEventArgs(context, _settings);
InvokeEvaluateRequest(eventArgs);
return eventArgs.ExpectedSecurity;
}
//private void Application_BeginRequest(object sender, EventArgs e) {
// HttpApplication Context = sender as HttpApplication;
// if (Context != null) {
// if (IsCookielessSessionUsed(Context)) {
// // This ensures that the session ID is available for cookie-less session processing.
// Context.AcquireRequestState += new EventHandler(Application_ProcessRequest);
// } else {
// // Process the request here.
// Application_ProcessRequest(sender, e);
// }
// }
//}
///// <summary>
///// Determines if cookie-less sessions are being used.
///// </summary>
///// <param name="context">The HttpApplication this module is bound to.</param>
///// <returns></returns>
//protected bool IsCookielessSessionUsed(HttpApplication context) {
// string VirtualPath = context.Request.Path;
// string ModifiedPath = context.Response.ApplyAppPathModifier(VirtualPath);
// return !ModifiedPath.Equals(VirtualPath);
//}
/// <summary>
/// Raises the BeforeEvaluateRequest event.
/// </summary>
/// <param name="e">The EvaluateRequestEventArgs used for the event.</param>
protected void OnBeforeEvaluateRequest(EvaluateRequestEventArgs e) {
// Raise the event.
BeforeEvaluateRequestEventHandler Handler = BeforeEvaluateRequest;
if (Handler != null)
Handler(this, e);
}
/// <summary>
/// Process this request by evaluating it appropriately.
/// </summary>
/// <param name="source">The source of the event.</param>
/// <param name="e">EventArgs passed in.</param>
private void Application_ProcessRequest(Object source, EventArgs e) {
// Cast the source as an HttpApplication instance.
HttpApplication Context = source as HttpApplication;
DebugHelper.OutputIf(Context == null, "No context to process!");
if (Context != null) {
// Retrieve the settings from application state.
Settings Settings = (Settings)Context.Application["Settings"];
DebugHelper.Output(Settings != null ? "Settings retrieved from application cache." : "Settings not found in application cache!");
// Call the BeforeEvaluateRequest event and check if a subscriber indicated to cancel the
// evaluation of the current request.
EvaluateRequestEventArgs Args = new EvaluateRequestEventArgs(Context, Settings);
DebugHelper.Output("BeforeEvaluateRequest event about to fire.");
OnBeforeEvaluateRequest(Args);
DebugHelper.Output("BeforeEvaluateRequest event fired and returned.");
DebugHelper.OutputIf(Args.CancelEvaluation, "Evaluation was canceled by a user event handler.");
if (!Args.CancelEvaluation) {
// Evaluate the response against the settings.
SecurityType Secure = RequestEvaluator.Evaluate(Context.Request, Settings, false);
// Take appropriate action.
DebugHelper.OutputIf(Secure == SecurityType.Ignore, "Ignoring request.");
if (Secure == SecurityType.Secure) {
SslHelper.RequestSecurePage(Settings);
} else if (Secure == SecurityType.Insecure) {
SslHelper.RequestUnsecurePage(Settings);
}
}
}
}
