AuthenticateRequest in Global.asax and a custom HTTP Module

From: Leslie (
Date: 05/24/05

Date: Tue, 24 May 2005 11:11:09 -0700

I am writing a web services application, using basic authentication.
However, I need to authenticate against user setting up in our database. So,
I need to write my own code to authenticate users.

I think that I could put my authentication code in AuthenticateRequest event
in either Global.asax or in a custom HTTP module. However, I don't know what
is the difference between them. And is there any implication if I make the
choice of one way or the other?

Any helps would be appreciated. Thanks.

Relevant Pages

  • ASP.NET Forms Authentication Best Practices
    ... ASP.NET Forms Authentication Best Practices ... What happens if your user database is compromised? ... Listing One, where you want to use login.aspx to log users in. ... string FirstName ...
  • Re: Security question ..
    ... What I want to prevent is any access to the database accept through our ... application unless you have elevated permissions. ... Authentication, if he is smart enough to create an NT Auth ODBC connection ... passes through to the database or to use SQL Server authentication. ...
  • User authentication over the web (was: Secure Password in database)
    ... Subject: User authentication over the web (was: Secure Password in database) ... a web server is usually authenticated to users by using SSL or TLS ...
  • Re: Using SSPI with Custom Authentication
    ... It boils down to moving the security perimeter away from the server. ... first database contains all of the user information; ... perform authentication, and users need to be authenticated before accessing ...
  • Re: SQL Express MDF file moved from 1 computer to another - auth f
    ... I try to attach the database which is located in MyDocuments\Visual ... Microsoft SQL Server Management Studio ... now it tells me that authentication has failed for my windows ...