用户在ASP.NET WEBForms HTTP模块中设置为任何内容
-
23-12-2019 - |
题
我在ASP.NET Web应用程序中有以下自定义模块。模块从我的PC上的Chrome工作,但是当我尝试从Android访问视频时,我收到错误,因为未设置UserId(_context.user)。这一切都会发生在我登录应用程序后。因此,应设置_context.user。
我会想到,因为在这个级别上,您正在处理HTTP请求和响应,模块将为任何设备工作。
我有两个问题。
有没有办法制作这项工作?
Android平板电脑和PC发送此问题的请求之间有什么区别?
公共类视频安全映射 实现ihttpmodule. 实施意味着 私人背包_context作为httpApplication
Public Sub Dispose() Implements IHttpModule.Dispose
End Sub
Dim myUserManager As UserManager
Public Sub Init(ByVal context As HttpApplication) Implements IHttpModule.Init
_context = context
myUserManager = New UserManager
End Sub
Public Sub Log(value As String, ParamArray args As Object())
Dim message As String = String.Format(value, args)
Dim messagePrefix As String = String.Format("{0},{1},{2},{3}", UserAgent, Url, SessionId, message)
LogManager.WriteMessage(messagePrefix, "")
End Sub
Private ReadOnly Property UserAgent() As String
Get
Try
Return _context.Request.UserAgent
Catch ex As Exception
Return "No User Agent"
End Try
End Get
End Property
Private ReadOnly Property Url() As String
Get
Try
Return _context.Request.Url.PathAndQuery
Catch ex As Exception
Return "No URL"
End Try
End Get
End Property
Private ReadOnly Property SessionId() As String
Get
Try
Return __context.Session.SessionID
Catch ex As Exception
Return "No URL"
End Try
End Get
End Property
Public ReadOnly Property IsReusable() As Boolean
' IsReusable must be set to false since class has a member!
Get
Return True
End Get
End Property
Public Sub OnAuthorizeRequest(ByVal source As Object, ByVal e As EventArgs) Handles _context.AuthorizeRequest
If IsVideoUrl() Then
Dim userId As Integer = GetLoggedInUsersId()
Log("UserRequiresAuthorization({0}): {1}", userId, UserRequiresAuthorization(userId))
Log("UserIsAssignedToCourseContainingVideo({0}): {1}", userId, UserIsAssignedToCourseContainingVideo(userId))
' if user is not assigned to a course that utilizes the video or the user is not in role super user or system admin
If (UserRequiresAuthorization(userId) AndAlso Not UserIsAssignedToCourseContainingVideo(userId)) Then
SendAuthenticationRequiredResponse()
End If
End If
End Sub
Private Function GetLoggedInUsersId() As Integer
Dim userId As Integer = 0
If (Not _context.User Is Nothing) Then
userId = myUserManager.GetUserIdByUserName(_context.User.Identity.Name)
End If
Log("userId:{0}", userId)
Return userId
End Function
Private Sub SendAuthenticationRequiredResponse()
Const networkAuthenticationRequiredStatusCode As Integer = 511
_context.Response.StatusCode = networkAuthenticationRequiredStatusCode
_context.Response.ClearContent()
_context.Response.Write("UnAuthorized User")
Log("UnAuthorized User: {0}", "")
_context.Response.End()
End Sub
Private Function IsVideoUrl() As Boolean
Dim fileLocation As String = System.Configuration.ConfigurationManager.AppSettings("VideoLocation")
Log("url:{0}", _context.Request.Url)
Log("IsVideoUrl:{0}", _context.Request.FilePath.ToLower().Contains(fileLocation.ToLower()))
Return _context.Request.FilePath.ToLower().Contains(fileLocation.ToLower())
End Function
Private Function UserDoesNotRequireAuthorization(userId As Integer) As Boolean
Return myUserManager.IsSysAdmin(userId) OrElse myUserManager.IsSuperUser(userId)
End Function
Private Function UserRequiresAuthorization(userId As Integer) As Boolean
Dim result As Boolean = Not UserDoesNotRequireAuthorization(userId)
Return result
End Function
''' <summary>
''' Returns true if the in-putted user (logged in user) has been allocated to a course that utilize video specified in this request
''' </summary>
Private Function UserIsAssignedToCourseContainingVideo(userId As Integer) As Boolean
' ... code removed for clarity
End Function
.
结束类
解决方案
这是一个已知的问题,其中包含Android版本。我有限的研究表明,视频请求将传递到名为stepFright的Android中的单独组件。StageFight无法处理cookie,因此没有身份验证cookie被传递给Web应用程序,从而导致_context.user属性未设置。
以下链接提供更多深度细节。
do mobile浏览器通过HTML5 Audio-Tag? https://code.google.com/p/android/issues/细节?ID= 17553
不隶属于 StackOverflow