mcs/class/System.Web/System.Web.SessionState/SessionStateModule.cs

   1 //
   2 // System.Web.SessionState.SesionStateModule
   3 //
   4 // Authors:
   5 //      Gonzalo Paniagua Javier (gonzalo@ximian.com)
   6 //      Stefan Görling (stefan@gorling.se)
   7 //      Jackson Harper (jackson@ximian.com)
   8 //
   9 // (C) 2002,2003 Ximian, Inc (http://www.ximian.com)
  10 // (C) 2003 Stefan Görling (http://www.gorling.se)
  11
  12 //
  13 // Permission is hereby granted, free of charge, to any person obtaining
  14 // a copy of this software and associated documentation files (the
  15 // "Software"), to deal in the Software without restriction, including
  16 // without limitation the rights to use, copy, modify, merge, publish,
  17 // distribute, sublicense, and/or sell copies of the Software, and to
  18 // permit persons to whom the Software is furnished to do so, subject to
  19 // the following conditions:
  20 //
  21 // The above copyright notice and this permission notice shall be
  22 // included in all copies or substantial portions of the Software.
  23 //
  24 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  25 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  26 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  27 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  28 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  29 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  30 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  31 //
  32
  33 using System.Web;
  34 using System.Web.Caching;
  35 using System.Web.Util;
  36 using System.Security.Cryptography;
  37
  38 namespace System.Web.SessionState
  39 {
  40         public sealed class SessionStateModule : IHttpModule
  41         {
  42                 internal static readonly string CookieName = "ASPSESSION";
  43                 internal static readonly string HeaderName = "AspFilterSessionId";
  44
  45                 static SessionConfig config;
  46                 static Type handlerType;
  47                 ISessionHandler handler;
  48
  49                 private RandomNumberGenerator rng;
  50
  51                 public SessionStateModule ()
  52                 {
  53                         rng = new RNGCryptoServiceProvider ();
  54                 }
  55
  56                 internal RandomNumberGenerator Rng {
  57                         get { return rng; }
  58                 }
  59
  60                 public void Dispose ()
  61                 {
  62                     if (handler!=null)
  63                         handler.Dispose();
  64                 }
  65
  66                 public void Init (HttpApplication app)
  67                 {
  68                         if (config == null) {
  69                                 config = (SessionConfig) HttpContext.GetAppConfig ("system.web/sessionState");
  70                                 if (config ==  null)
  71                                         config = new SessionConfig (null);
  72
  73                                 if (config.Mode == SessionStateMode.StateServer)
  74                                         handlerType = typeof (SessionStateServerHandler);
  75
  76                                 if (config.Mode == SessionStateMode.SQLServer)
  77                                         handlerType = typeof (SessionSQLServerHandler);
  78
  79                                 if (config.Mode == SessionStateMode.InProc)
  80                                         handlerType = typeof (SessionInProcHandler);
  81
  82                                 if (config.Mode == SessionStateMode.Off)
  83                                         return;
  84                         }
  85
  86                         if (config.CookieLess)
  87                                 app.BeginRequest += new EventHandler (OnBeginRequest);
  88
  89                         app.AddOnAcquireRequestStateAsync (
  90                                 new BeginEventHandler (OnBeginAcquireState),
  91                                 new EndEventHandler (OnEndAcquireState));
  92
  93                         app.ReleaseRequestState += new EventHandler (OnReleaseRequestState);
  94                         app.EndRequest += new EventHandler (OnEndRequest);
  95
  96                         if (handlerType != null && handler == null) {
  97                                 handler = (ISessionHandler) Activator.CreateInstance (handlerType);
  98                                 handler.Init (this, app, config); //initialize
  99                         }
 100                 }
 101
 102                 void OnBeginRequest (object o, EventArgs args)
 103                 {
 104                         HttpApplication application = (HttpApplication) o;
 105                         HttpContext context = application.Context;
 106                         string base_path = context.Request.BaseVirtualDir;
 107                         string id = UrlUtils.GetSessionId (base_path);
 108
 109                         if (id == null)
 110                                 return;
 111
 112                         context.Request.SetCurrentExePath (UrlUtils.RemoveSessionId (base_path,
 113                                                                      context.Request.FilePath));
 114                         context.Request.SetHeader (HeaderName, id);
 115                 }
 116
 117                 void OnReleaseRequestState (object o, EventArgs args)
 118                 {
 119                         if (handler == null)
 120                                 return;
 121
 122                         HttpApplication application = (HttpApplication) o;
 123                         HttpContext context = application.Context;
 124                         handler.UpdateHandler (context, this);
 125                 }
 126
 127                 void OnEndRequest (object o, EventArgs args)
 128                 {
 129                 }
 130
 131                 IAsyncResult OnBeginAcquireState (object o, EventArgs args, AsyncCallback cb, object data)
 132                 {
 133                         HttpApplication application = (HttpApplication) o;
 134                         HttpContext context = application.Context;
 135
 136                         bool required = (context.Handler is IRequiresSessionState);
 137                         bool read_only = (context.Handler is IReadOnlySessionState);
 138
 139                         bool isNew = false;
 140                         HttpSessionState session = null;
 141                         if (handler != null)
 142                                 session = handler.UpdateContext (context, this, required, read_only, ref isNew);
 143
 144                         if (session != null) {
 145                                 if (isNew)
 146                                         session.SetNewSession (true);
 147
 148                                 if (read_only)
 149                                         session = session.Clone ();
 150
 151                                 context.SetSession (session);
 152
 153                                 if (isNew && config.CookieLess) {
 154                                         string id = context.Session.SessionID;
 155                                         context.Request.SetHeader (HeaderName, id);
 156                                         context.Response.Redirect (UrlUtils.InsertSessionId (id,
 157                                                                    context.Request.FilePath));
 158                                 } else if (isNew) {
 159                                         string id = context.Session.SessionID;
 160                                         HttpCookie cookie = new HttpCookie (CookieName, id);
 161                                         cookie.Path = UrlUtils.GetDirectory (context.Request.ApplicationPath);
 162                                         context.Response.AppendCookie (cookie);
 163                                 }
 164                         }
 165
 166                         // In the future, we might want to move the Async stuff down to
 167                         // the interface level, if we're going to support other than
 168                         // InProc, we might actually want to do things async, now we
 169                         // simply fake it.
 170                         HttpAsyncResult result=new HttpAsyncResult (cb,this);
 171                         result.Complete (true, o, null);
 172                         if (isNew && Start != null)
 173                                 Start (this, args);
 174
 175                         return result;
 176                 }
 177
 178                 void OnEndAcquireState (IAsyncResult result) { }
 179
 180                 internal void OnSessionRemoved (string key, object value, CacheItemRemovedReason reason)
 181                 {
 182                         OnEnd ();
 183                 }
 184
 185                 internal void OnEnd ()
 186                 {
 187                         if (End != null)
 188                                 End (this, EventArgs.Empty);
 189                 }
 190
 191                 public event EventHandler Start;
 192                 public event EventHandler End;
 193         }
 194 }
 195