Best way to perform authentication on every request
Posted
by Nik
on Stack Overflow
See other posts from Stack Overflow
or by Nik
Published on 2010-05-31T12:23:52Z
Indexed on
2010/05/31
12:33 UTC
Read the original article
Hit count: 255
Hello.
In my asp.net mvc 2 app, I'm wondering about the best way to implement this:
- For every incoming request I need to perform custom authorization before allowing the file to be served. (This is based on headers and contents of the querystring. If you're familiar with how Amazon S3 does rest authentication - exactly that).
I'd like to do this in the most perfomant way possible, which probably means as light a touch as possible, with IIS doing as much of the actual work as possible.
The service will need to handle GET requests, as well as writing new files coming in via POST/PUT requests.
The requests are for an abitrary file, so it could be:
GET http://storage.foo.com/bla/egg/foo18/something.bin
POST http://storage.foo.com/else.txt
Right now I've half implemented it using an IHttpHandler which handles all routes (with routes.RouteExistingFiles = true), but not sure if that's the best, or if I should be hooking into the lifecycle somewhere else?
Many thanks for any pointers.
(IIS7)
© Stack Overflow or respective owner