2 // System.Web.SessionState.SesionStateModule
5 // Gonzalo Paniagua Javier (gonzalo@ximian.com)
6 // Stefan Görling (stefan@gorling.se)
7 // Jackson Harper (jackson@ximian.com)
9 // (C) 2002,2003 Ximian, Inc (http://www.ximian.com)
10 // (C) 2003 Stefan Görling (http://www.gorling.se)
13 using System.Web.Util;
14 using System.Security.Cryptography;
16 namespace System.Web.SessionState
18 public sealed class SessionStateModule : IHttpModule
20 internal static readonly string CookieName = "ASPSESSION";
21 internal static readonly string HeaderName = "AspFilterSessionId";
23 static SessionConfig config;
24 static Type handlerType;
25 ISessionHandler handler;
27 private RandomNumberGenerator rng;
29 public SessionStateModule ()
31 rng = new RNGCryptoServiceProvider ();
34 internal RandomNumberGenerator Rng {
38 public void Dispose ()
44 public void Init (HttpApplication app)
47 config = (SessionConfig) HttpContext.GetAppConfig ("system.web/sessionState");
49 config = new SessionConfig (null);
51 if (config.Mode == SessionStateMode.StateServer)
52 handlerType = typeof (SessionStateServerHandler);
54 if (config.Mode == SessionStateMode.SQLServer)
55 handlerType = typeof (SessionSQLServerHandler);
57 if (config.Mode == SessionStateMode.InProc)
58 handlerType = typeof (SessionInProcHandler);
60 if (config.Mode == SessionStateMode.Off)
64 if (config.CookieLess)
65 app.BeginRequest += new EventHandler (OnBeginRequest);
67 app.AddOnAcquireRequestStateAsync (
68 new BeginEventHandler (OnBeginAcquireState),
69 new EndEventHandler (OnEndAcquireState));
71 app.ReleaseRequestState += new EventHandler (OnReleaseRequestState);
72 app.EndRequest += new EventHandler (OnEndRequest);
74 if (handlerType != null && handler == null) {
75 handler = (ISessionHandler) Activator.CreateInstance (handlerType);
76 handler.Init(app, config); //initialize
80 void OnBeginRequest (object o, EventArgs args)
82 HttpApplication application = (HttpApplication) o;
83 HttpContext context = application.Context;
84 string base_path = context.Request.BaseVirtualDir;
85 string id = UrlUtils.GetSessionId (base_path);
90 context.Request.SetFilePath (UrlUtils.RemoveSessionId (base_path,
91 context.Request.FilePath));
92 context.Request.SetHeader (HeaderName, id);
95 void OnReleaseRequestState (object o, EventArgs args)
100 HttpApplication application = (HttpApplication) o;
101 HttpContext context = application.Context;
102 handler.UpdateHandler (context, this);
105 void OnEndRequest (object o, EventArgs args)
109 IAsyncResult OnBeginAcquireState (object o, EventArgs args, AsyncCallback cb, object data)
111 HttpApplication application = (HttpApplication) o;
112 HttpContext context = application.Context;
114 bool required = (context.Handler is IRequiresSessionState);
115 bool read_only = (context.Handler is IReadOnlySessionState);
118 HttpSessionState session = null;
120 session = handler.UpdateContext (context, this, required, read_only, ref isNew);
122 if (session != null) {
124 session.SetNewSession (true);
127 session = session.Clone ();
129 context.SetSession (session);
131 if (isNew && config.CookieLess) {
132 string id = context.Session.SessionID;
133 context.Request.SetHeader (HeaderName, id);
134 context.Response.Redirect (UrlUtils.InsertSessionId (id,
135 context.Request.FilePath));
137 string id = context.Session.SessionID;
138 HttpCookie cookie = new HttpCookie (CookieName, id);
139 cookie.Path = UrlUtils.GetDirectory (context.Request.Path);
140 context.Response.AppendCookie (cookie);
144 // In the future, we might want to move the Async stuff down to
145 // the interface level, if we're going to support other than
146 // InProc, we might actually want to do things async, now we
148 HttpAsyncResult result=new HttpAsyncResult (cb,this);
149 result.Complete (true, o, null);
150 if (isNew && Start != null)
156 void OnEndAcquireState (IAsyncResult result)
160 internal void OnEnd ()
163 End (this, EventArgs.Empty);
166 public event EventHandler Start;
167 public event EventHandler End;