Re: Setting Principal for HttpWorkerRequest

From: Bassel Tabbara [MSFT] (basselt@online.microsoft.com)
Date: 04/22/03 

From: basselt@online.microsoft.com ("Bassel Tabbara [MSFT]")
Date: Mon, 21 Apr 2003 23:57:50 GMT

Hello Frank,
You need to create a HTTPModule that will handle the authentication there.
HTTP modules and HTTP handlers are an integral part of the ASP.NET
architecture. While a request is being processed, each request is processed
by multiple HTTP modules (for example, the authentication module and the
session module) and is then processed by a single HTTP handler. After the
handler has processed the request, the request flows back through the HTTP
modules.

Modules are called before and after the handler executes. Modules enable
developers to intercept, participate in, or modify each individual request.
Modules implement the IHttpModule interface, which is located in the
System.Web namespace.
An HttpApplication class provides a number of events with which modules can
synchronize. The following events are available for modules to synchronize
with on each request. These events are listed in sequential order:

- BeginRequest.
- AuthenticateRequest
- AuthorizeRequest
- ResolveRequestCache
- AcquireRequestState
- PreRequestHandlerExecute
- PostRequestHandlerExecute
- ReleaseRequestState
- UpdateRequestCache
- EndRequest

The following events are available for modules to synchronize with for each
request transmission. The order of these events is non-deterministic.

- PreSendRequestHeaders
- PreSendRequestContent
- Error

For more information refer to the following Kb articles:

307996 HOW TO: Create an ASP.NET HTTP Module Using Visual C# .NET
http://support.microsoft.com/?id=307996

308000 HOW TO: Create an ASP.NET HTTP Module Using Visual Basic .NET
http://support.microsoft.com/?id=308000

Thanks,
Bassel Tabbara
Microsoft, ASP.NET

This posting is provided "AS IS", with no warranties, and confers no rights.

--------------------
| X-Tomcat-ID: 470110967
| References: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
<mVCoQMF6CHA.2496@cpmsftngxa06> <#9yRSRb6CHA.1624@TK2MSFTNGP11.phx.gbl>
<APaZd1o6CHA.1864@cpmsftngxa06> <f6wLllm8CHA.1864@cpmsftngxa06>
<Obu#co$$CHA.2368@TK2MSFTNGP10.phx.gbl>
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
| From: michmo@online.microsoft.com ("Mike Moore [MS]")
| Organization: Microsoft
| Date: Fri, 18 Apr 2003 22:10:21 GMT
| Subject: Re: Setting Principal for HttpWorkerRequest
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| Message-ID: <QFZzQdfBDHA.2556@cpmsftngxa06.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Lines: 224
| Path: cpmsftngxa06.phx.gbl
| Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:4866
| NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122
|
| Hi Frank,
|
| I apologize for the delay in answering you. I've been on vacation and
will
| investigate this further on Monday.
|
| Thank you, Mike Moore
| Microsoft, ASP.NET
|
| This posting is provided "AS IS", with no warranties, and confers no
rights.
|
| --------------------
| | >From: "Frank" <msdndev@bourier.de>
| | >References: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
| <mVCoQMF6CHA.2496@cpmsftngxa06> <#9yRSRb6CHA.1624@TK2MSFTNGP11.phx.gbl>
| <APaZd1o6CHA.1864@cpmsftngxa06> <f6wLllm8CHA.1864@cpmsftngxa06>
| | >Subject: Re: Setting Principal for HttpWorkerRequest
| | >Date: Fri, 11 Apr 2003 09:16:19 +0200
| | >Lines: 208
| | >X-Priority: 3
| | >X-MSMail-Priority: Normal
| | >X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
| | >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
| | >Message-ID: <Obu#co$$CHA.2368@TK2MSFTNGP10.phx.gbl>
| | >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| | >NNTP-Posting-Host: pd9e6a4c0.dip0.t-ipconnect.de 217.230.164.192
| | >Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
| | >Xref: cpmsftngxa06.phx.gbl
| microsoft.public.dotnet.framework.aspnet.security:4770
| | >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| | >
| | >Hallo,
| | >
| | >why is the call(different Principals)
| | >
| | >System.Threading.Thread.CurrentPrincipal
| | >
| | >different from the call
| | >Context.User
| | >
| | >I would like to use PrincipalPermission and User.IsinRole in a normal
| | >WebService Method. For that reason i have to set the
| | >Thread.CurrentPrincipal, but the User has another Principal, so i have
| set
| | >the user Context.User with the new GenericUser, too. Why?
| | >
| | >Frank
| | >--
| | >---------------------------
| | >To send an eMail remove NOSPAM
| | >"Mike Moore [MSFT]" <michmo@online.microsoft.com> schrieb im
Newsbeitrag
| | >news:f6wLllm8CHA.1864@cpmsftngxa06...
| | >> Hi,
| | >>
| | >> With off-line communication, we found this solution for Steve:
| | >>
| | >> 1)
| | >> Dim g As New System.Security.Principal.GenericIdentity(...)
| | >> HttpContext.Current.User = g
| | >>
| | >> 2)
| | >> Place the above in an HTTPModule so that it affects the entire
| | >application.
| | >> For information on writing modules:
| | >> 308000 HOW TO: Create an ASP.NET HTTP Module Using Visual Basic .NET
| | >> http://support.microsoft.com/?id=308000
| | >>
| | >> Thank you, Mike Moore
| | >> Microsoft, ASP.NET
| | >>
| | >> This posting is provided "AS IS", with no warranties, and confers no
| | >rights.
| | >>
| | >> --------------------
| | >> | >X-Tomcat-ID: 20009685
| | >> | >References: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
| | >> <mVCoQMF6CHA.2496@cpmsftngxa06>
<#9yRSRb6CHA.1624@TK2MSFTNGP11.phx.gbl>
| | >> | >MIME-Version: 1.0
| | >> | >Content-Type: text/plain
| | >> | >Content-Transfer-Encoding: 7bit
| | >> | >From: michmo@online.microsoft.com ("Mike Moore [MSFT]")
| | >> | >Organization: Microsoft
| | >> | >Date: Sat, 15 Mar 2003 00:54:23 GMT
| | >> | >Subject: Re: Setting Principal for HttpWorkerRequest
| | >> | >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| | >> | >Message-ID: <APaZd1o6CHA.1864@cpmsftngxa06>
| | >> | >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| | >> | >Lines: 109
| | >> | >NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122
| | >> | >Path: cpmsftngxa08.phx.gbl!cpmsftngxa06
| | >> | >Xref: cpmsftngxa08.phx.gbl
| | >> microsoft.public.dotnet.framework.aspnet.security:4397
| | >> | >
| | >> | >Hi Stephen,
| | >> | >
| | >> | >I'd like to put you in touch with one of my coworkers. Can you
| contact
| | >> me
| | >> | >directly? Remove "online." from my no spam alias:
| | >> | >michmo@online.microsoft.com.
| | >> | >
| | >> | >For other readers, we will post the results after we finish our
| | >> discussion.
| | >> | >
| | >> | >Thank you, Mike Moore
| | >> | >Microsoft, ASP.NET
| | >> | >
| | >> | >This posting is provided "AS IS", with no warranties, and confers
no
| | >> rights.
| | >> | >
| | >> | >--------------------
| | >> | >>From: "Stephen Walch" <swalch@proposion.com>
| | >> | >>References: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
| | >> | ><mVCoQMF6CHA.2496@cpmsftngxa06>
| | >> | >>Subject: Re: Setting Principal for HttpWorkerRequest
| | >> | >>Date: Thu, 13 Mar 2003 18:00:26 -0500
| | >> | >>Lines: 86
| | >> | >>X-Priority: 3
| | >> | >>X-MSMail-Priority: Normal
| | >> | >>X-Newsreader: Microsoft Outlook Express 5.50.4807.1700
| | >> | >>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| | >> | >>Message-ID: <#9yRSRb6CHA.1624@TK2MSFTNGP11.phx.gbl>
| | >> | >>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| | >> | >>NNTP-Posting-Host: 65.205.13.190
| | >> | >>Path: cpmsftngxa06!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11.phx.gbl
| | >> | >>Xref: cpmsftngxa06
| | >> microsoft.public.dotnet.framework.aspnet.security:4343
| | >> | >>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| | >> | >>
| | >> | >>Thank you, but this thread does not have anything to do with
| setting
| | >the
| | >> | >>Identity/Principal for a request. Maybe I should explain what I
| want
| | >a
| | >> | >>little better:
| | >> | >>
| | >> | >>I am implementing my own server that will authenticate users
using
| | >> | >>out-of-band methods (like IIS does in the case of Windows
| | >> authentication).
| | >> | >>I am implementing an HttpWorkerRequest and asking HttpRuntime to
| | >> process
| | >> | >the
| | >> | >>request. I expect existing ASP.NET applications to work without
| | >> changes,
| | >> | >>but if those applications happen to examine
| | >> | >>HttpContext.Current.User.Identity or HttpContext.Principal, they
| | >should
| | >> see
| | >> | >>the credentials that my code set in advance.
| | >> | >>
| | >> | >>Thanks,
| | >> | >>
| | >> | >>Steve
| | >> | >>
| | >> | >>""Mike Moore [MSFT]"" <michmo@online.microsoft.com> wrote in
| message
| | >> | >>news:mVCoQMF6CHA.2496@cpmsftngxa06...
| | >> | >>> Hi Stephen,
| | >> | >>>
| | >> | >>> I found some sample code by searching Google on the words:
| | >> | >>> HttpWorkerRequest ProcessRequest
| | >> | >>>
| | >> | >>> It's a thread (conversation) from 7/25/2002 with subject:
| | >> | >>ApplicationHost
| | >> | >>> gives a NullReferenceException when processing ...
| | >> | >>>
| | >> | >>> Here's a link to the thread (please pardon the line breaks):
| | >> | >>>
| | >> | >>> http://groups.google.com/groups?
| | >> | >>> q=group:microsoft.public.dotnet.framework+insubject:
| | >> | >>> NullReferenceException&hl=en&lr=&ie=UTF-8&oe=
| | >> | >>> UTF-8&as_drrb=b&as_mind=12&as_minm=5&as_miny
| | >> | >>> =2002&as_maxd=11&as_maxm=3&as_maxy=2003&
| | >> | >>> selm=18ab78a0.0207250430.3f2a29ff%40posting.
| | >> | >>> google.com&rnum=1
| | >> | >>>
| | >> | >>> Thank you, Mike Moore
| | >> | >>> Microsoft, ASP.NET
| | >> | >>>
| | >> | >>> This posting is provided "AS IS", with no warranties, and
| confers no
| | >> | >>rights.
| | >> | >>>
| | >> | >>>
| | >> | >>> --------------------
| | >> | >>> >From: "Stephen Walch" <swalch@proposion.com>
| | >> | >>> >Subject: Setting Principal for HttpWorkerRequest
| | >> | >>> >Date: Thu, 6 Mar 2003 15:35:14 -0500
| | >> | >>> >Lines: 15
| | >> | >>> >X-Priority: 3
| | >> | >>> >X-MSMail-Priority: Normal
| | >> | >>> >X-Newsreader: Microsoft Outlook Express 5.50.4807.1700
| | >> | >>> >X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| | >> | >>> >Message-ID: <Ojhhd$B5CHA.3024@TK2MSFTNGP10.phx.gbl>
| | >> | >>> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| | >> | >>> >NNTP-Posting-Host: ma-amesbury2b-224.mrrmnh.adelphia.net
| | >24.53.5.224
| | >> | >>> >Path:
| | >> | >>>
| | >> |
| | >>
| |
|
>>>cpmsftngxa08.phx.gbl!cpmsftngxa06!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.g
| b
| | >> l
| | >> | >>> >Xref: cpmsftngxa08.phx.gbl
| | >> | >>> microsoft.public.dotnet.framework.aspnet.security:4236
| | >> | >>> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| | >> | >>> >
| | >> | >>> >I am implementing an ASP.NET server (similar to Cassini) and
am
| | >> trying
| | >> | >to
| | >> | >>> >think through how I would go about adding my own
authentication
| to
| | >> | >(based
| | >> | >>> on
| | >> | >>> >information I am able to extract from the raw HTTP request).
It
| | >> looks
| | >> | >>like
| | >> | >>> >my ultimate goal is to set HTTPContext.Principal with a
| principal
| | >> that
| | >> | >>> >contains the appropriate identity, roles, etc.
| | >> | >>> >
| | >> | >>> >So if I have created an HttpWorkerRequest and am about to call
| | >> | >>> >HttpRuntime.ProcessRequest, what else do I need to do? I see
| that
| | >> the
| | >> | >>> >HTTPContext takes HttpWorkerRequest in its constructor, so I
| deduce
| | >> that
| | >> | >>> the
| | >> | >>> >Principal is somehow created from the HttpWorkerRequest, but I
| | >can't
| | >> | >>figure
| | >> | >>> >out how.
| | >> | >>> >
| | >> | >>> >Any guidelines would be much appreciated. Thanks!
| | >> | >>> >
| | >> | >>> >
| | >> | >>> >
| | >> | >>>
| | >> | >>
| | >> | >>
| | >> | >>
| | >> | >
| | >> | >
| | >>
| | >
| | >
| | >
|
|

Relevant Pages

  • Re: Setting Principal for HttpWorkerRequest
    ... This posting is provided "AS IS", with no warranties, and confers no rights. ... | HTTP modules and HTTP handlers are an integral part of the ASP.NET ... While a request is being processed, ... | by multiple HTTP modules (for example, the authentication module and the ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Setting Principle for HttpWorkerRequest
    ... > (based on information I am able to extract from the raw HTTP request). ... > why is the call(different Principals) ... HTTP modules and HTTP handlers are an integral ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: UNC file share and NTLM user identity
    ... HTTP modules and HTTP handlers are an integral part of the ASP.NET ... While a request is being processed, ... | Content-Type: text/plain ... | Subject: RE: UNC file share and NTLM user identity ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: UNC file share and NTLM user identity
    ... Hi Bassel Tabbara, ... While a request is being processed, ... >by multiple HTTP modules (for example, ... >Microsoft, ASP.NET ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: SPS2003 with HTTP Module???
    ... SPS 2003 does not work very well with http modules and http handlers. ... The portal has an agreement page and AD users are authenticated by ... Basic authentication to access Sharepoint portal. ... implementing a httpmodule to detect the authentication event and check ...
    (microsoft.public.sharepoint.portalserver.development)