asp.NetIHttpModule権限制御の実現
14632 ワード
正式なプロジェクトに面切り形式の権限制御を適用するために、今日IHttpModuleで権限制御のテストプロジェクトを行いました.
開発中、最も憂鬱なのは「セッションステータスがこのコンテキストで使用できない」というエラーに遭遇したことです.解決策は次のコードコメントを参照してください.
手順は次のとおりです.
1、新しいウェブサイト、Appを追加するCodeフォルダ、新しいMyHttpModuleクラス、次のようにします.
2、webを配置する.config
3、ページに2つのボタンテストを追加します.
default.aspx
default.aspx.cs
開発中、最も憂鬱なのは「セッションステータスがこのコンテキストで使用できない」というエラーに遭遇したことです.解決策は次のコードコメントを参照してください.
手順は次のとおりです.
1、新しいウェブサイト、Appを追加するCodeフォルダ、新しいMyHttpModuleクラス、次のようにします.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Configuration;
using System.Web.SessionState;
/// <summary>
///MyHttpModule
/// :kogu 2010-03-26
/// </summary>
public class MyHttpModule : IHttpModule
{
public MyHttpModule()
{
//
//TODO:
//
}
#region IHttpModule
public void Dispose()
{
}
public void Init(HttpApplication context)
{
context.AcquireRequestState += new EventHandler(OnAcquireRequestState);
}
#endregion
public void OnAcquireRequestState(Object sender, EventArgs e)
{
HttpApplication context = sender as HttpApplication;
//
string path = context.Request.Path.ToLower();
// path.EndsWith(".aspx")
// .aspx Session ,
// path Get “?” ,
if (path.EndsWith(".aspx"))
{
// ,
if (!string.IsNullOrEmpty(ConfigurationManager.AppSettings["login"]) && path.IndexOf(ConfigurationManager.AppSettings["login"].ToLower()) >= 0)
{
context.Response.Write(" ");
}
else if (context.Session != null && context.Session["Rights"] != null)
{
//
List<string> rights = context.Context.Session["Rights"] as List<string>;
if (!Rights.Path_Right.Keys.Contains<string>(path.Substring(Rights.PrePath.Length)))
{
foreach (string key in Rights.Path_Right.Keys)
{
if (path.IndexOf(key) >= 0)
{
Rights.PrePath = path.Substring(0, path.IndexOf(key));
}
}
}
if (Rights.Path_Right.Keys.Contains<string>(path.Substring(Rights.PrePath.Length)) && rights.Contains<string>(Rights.Path_Right[path.Substring(Rights.PrePath.Length)]))
{
context.Response.Write(" ");
}
else
{
// , ,
context.Response.Write(" ");
}
}
else
{
//
context.Response.Write(" "); }
}
}
}
/// <summary>
///
/// </summary>
public class Rights
{
private static string prePath = string.Empty;
/// <summary>
///
/// </summary>
public static string PrePath
{
get { return Rights.prePath; }
set { Rights.prePath = value; }
}
private static Dictionary<string, string> path_Right = null;
/// <summary>
/// ID
/// </summary>
public static Dictionary<string, string> Path_Right
{
get
{
if (path_Right == null)
{
path_Right = new Dictionary<string, string>();
path_Right.Add("/Default.aspx".ToLower(), "1");
}
return Rights.path_Right;
}
set { Rights.path_Right = value; }
}
}
2、webを配置する.config
<?xml version="1.0"?>
<!--
: ,
Web 。 Visual Studio
“ ”->“Asp.Net ” 。
machine.config.comments ,
\Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
<configSections>
<sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
<sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/>
<section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
<section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
<section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/>
</sectionGroup>
</sectionGroup>
</sectionGroup>
</configSections>
<appSettings>
<add key="login" value="default.aspx" />
</appSettings>
<connectionStrings/>
<system.web>
<!--
compilation debug="true"
。
,
true。
-->
<compilation debug="true">
<assemblies>
<add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
</assemblies>
</compilation>
<!--
<authentication> ASP.NET
。
-->
<authentication mode="Windows"/>
<!--
,
<customErrors> 。 ,
html
。
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
<pages>
<controls>
<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</controls>
</pages>
<httpHandlers>
<remove verb="*" path="*.asmx"/>
<add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/>
</httpHandlers>
<httpModules>
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add name="MyHttpModule" type="MyHttpModule"/>
</httpModules>
</system.web>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<providerOption name="CompilerVersion" value="v3.5"/>
<providerOption name="WarnAsError" value="false"/>
</compiler>
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" warningLevel="4" type="Microsoft.VisualBasic.VBCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<providerOption name="CompilerVersion" value="v3.5"/>
<providerOption name="OptionInfer" value="true"/>
<providerOption name="WarnAsError" value="false"/>
</compiler>
</compilers>
</system.codedom>
<!--
Internet 7.0 ASP.NET AJAX system.webServer
。 IIS 。
-->
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules>
<remove name="ScriptModule"/>
<add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add name="MyHttpModule" type="MyHttpModule"/>
</modules>
<handlers>
<remove name="WebServiceHandlerFactory-Integrated"/>
<remove name="ScriptHandlerFactory"/>
<remove name="ScriptHandlerFactoryAppServices"/>
<remove name="ScriptResource"/>
<add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</handlers>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/>
<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/>
</dependentAssembly>
</assemblyBinding>
</runtime>
</configuration>
3、ページに2つのボタンテストを追加します.
default.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Button ID="Button1" runat="server" Text="Button" onclick="Button1_Click" />
<asp:Button ID="Button2" runat="server" Text="Button" onclick="Button2_Click" />
<asp:Label ID="Label1" runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
default.aspx.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
Session["Rights"] = new List<string>() { "1", "2", "3" };
}
protected void Button2_Click(object sender, EventArgs e)
{
Label1.Text = Server.MapPath("~");
}
}