排除 HttpModule 在 IIS7 上运行静态内容
我的身份验证 HttpModule 有问题。 问题是它显然会针对我在 Web 服务器(IIS7)上收到的每个请求运行。 因为它也使用 Session 变量,所以它无法在 CSS、JS 文件和类似文件上正常工作。
我尝试使用:
<add name="AuthModuleName" type="..." preCondition="managedHandler" />
但无济于事。 无论其扩展名或 MIME 类型如何,它仍然会针对每个请求运行。 我还应该补充一点,有一个设置
<modules runAllManagedModulesForAllRequests="true">
对我来说似乎很可疑,并且实际上禁用了模块上的先决条件。 但将其更改为 false 会以完全不同的方式中断应用程序并出现不同的异常(SessionStateTempDataProvider 需要启用 SessionState)。
有人可以帮助我如何在对静态内容文件发出请求时强制 IIS7 排除我的 HttpModule 吗?
I have a problem with my Authentication HttpModule. The problem is that it obviously runs for every single request I get on my web server (IIS7). Because it also uses Session variable, it fails to work properly on CSS, JS files and similar.
I tried to use:
<add name="AuthModuleName" type="..." preCondition="managedHandler" />
but to no avail. It still runs on every request regardless of its extension or mime type. I should also add, there's a setting
<modules runAllManagedModulesForAllRequests="true">
that seemed suspicious to me and actually disabled preConditions on modules. But changing it to false, breaks the application in a completely different way and with a different exception (The SessionStateTempDataProvider requires SessionState to be enabled).
Can anybody help me how to force IIS7 to exclude my HttpModule when requests are made for static content files?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
runAllManagedModulesForAllRequests属性必须设置为false才能按照您想要的方式实际配置任何模块。 您还必须根据需要正确地重新配置会话和其他内容,但主要的是处理请求的处理程序管道执行顺序。答案在我的其他问题之一中提供:
感谢Peter提供正确运行的答案。
runAllManagedModulesForAllRequestsattribute has to be set to false to actually configure any module the way you want. You will have to also correctly reconfigure Session and others as needed, but the main thing is handlers pipeline execution order that handles requests.The answer was provided in one of my other questions:
Thanks to Peter that provided the answer that worked correctly.
我不知道 IIS7 的设置,但你可以这样做。
会话对象仅适用于非静态内容:
这将确保您的代码不会针对 CSS、JS 等文件运行。但请记住,会话对象在 PostAcquireRequestState 事件。 (有关 HttpApplication 事件的顺序,请参阅此页面。)
编辑:< /strong> 另外,它与 ASP.NET 开发服务器一起出现(尽管我知道您在问题中提到了 IIS7),即使对于静态文件,您的 HttpModule 仍将运行。
I don't know about an IIS7 setting for that but you can do this.
The session object will be available only for non-static content :
This will ensure your code won't be run for files like CSS, JS etc. But keep in mind the session object will also not be ready before PostAcquireRequestState event. (For the order of the HttpApplication events, see this page.)
Edit : Also, it appears with ASP.NET Development Server (though I know you said IIS7 in your question), your HttpModule will still run even for static files.