ASP.NET MVC request context details

Question

Where can I plug in a custom provider to set up the request context?

I want to run an ASP.NET MVC application in "slave" mode while gradually transitioning features from a legacy system. Each request will have a cookie, and I want to grab the cookie, make an external call to resolve it to a user identity, and set up that user identity for the remainder of the request.

I might set a forms authentication cookie, or use Session, but the source of truth about authentication has to be the externally-set cookie, on every request.

What's the best way to do this? Where do I plug in? I've looked at Authentication providers, and the Authorization attribute, but neither of those seems the right place for this.

Answer 1

you could override the Init method in Global.asax page and listen to the PostAuthenticateRequest event, the events fires after authentication so you could change whatever values you like from the form authenticate cookies and inject your own

Answer 2

I would have thought an HttpModule would be ideal for this scenario?

If I understand you correctly, I did something similar on a project I was working on recently:

  public class UserSessionHttpModule : IHttpModule
{

    private HttpApplication mApplication;

    public void Dispose()
    {
    }

    public void Init(HttpApplication context)
    {
        mApplication = context;
        context.BeginRequest += new EventHandler(CheckUserSession);
    }

    private void CheckUserSession(Object sender, EventArgs e)
    {
        var extension = Path.GetExtension(mApplication.Context.Request.Path);

        if (extension == "" || extension == ".aspx")
        {
            var userSessionService = ObjectFactory.GetInstance<IUserSessionService>();
            userSessionService.CheckUserSession();
        }

    }
}