Reputation: 659
Sitecore 6.5: how to handle 403 on media item
I have a custom pipeline set up in web.config to handle processing of 403 & 404 messaging and behavior. The code looks like this...
public class NotFoundProcessor : Sitecore.Pipelines.HttpRequest.HttpRequestProcessor
{
public override void Process(Sitecore.Pipelines.HttpRequest.HttpRequestArgs args)
{
//handle 404 & 403 processing of the requested item
}
}
It works well for any "page" that's requested.
However, Media Library items don't seem to be handled by that pipeline. I found this text in http://sdn.sitecore.net/upload/sitecore6/handling_http_404_a4.pdf
If IIS uses ASP.NET to process a request, and no processor aborts the httpRequestBegin pipeline, and the requested URL does not correspond to a Sitecore media item, a content item within the context site, or a file on disk , then Sitecore activates the URL specified by the value attribute of the /configuration/sitecore/settings/setting element in web.config with name ItemNotFoundUrl.
Which indicates media items are handled differently, but I can't find any references to capturing media item requests in the pipeline. Is there a way to do this, or another workaround to allow my custom 403/404 to process media items?
Thanks, Thad
Upvotes: 1
Views: 849
Answers (1)
Reputation: 17000
You are correct, media is handled by a different processor, which is defined in <system.webServer><handlers> and <system.web><httpHandlers> of the web.config. Requests for media items do not go through the usual Sitecore Pipelines.
The specific handler is:
<add verb="*" path="sitecore_media.ashx" type="Sitecore.Resources.Media.MediaRequestHandler, Sitecore.Kernel" name="Sitecore.MediaRequestHandler"/>
If you need to add your own custom logic then add it to DoProcessRequest(), you can check the current logic using dotPeek decompiler.
Having said all of that, Sitecore should handle this out of the box if you have set the permission correctly. The user should be redirected to the Access Is Denied page, or whatever you have set in Settings.NoAccessUrl (you could change this to your login page).
Make sure you have broken the inheritance for the correct user, usually extranet\Anonymous (and not default/Anonymous) but if you have changed the domain in the <site> elements then the appropriate <domain>\Anonymous user.
Upvotes: 0
Related Questions
- Sitecore - How to prevent the anonymous users to access media library items in sitecore?
- Sitecore - not publishing media library
- Sitecore Item Access Rights
- How to retrieve Sitecore media items from media url?
- Restrict access to Sitecore Media assets from non-authenticated extranet users
- Sitecore Media Items and URLs
- Can't create an Item link to the Media Library, even though permissions allow read access
- Sitecore media items and race conditions
- Handling secure media items in extranet for Sitecore 6?
- How to get all media items in sitecore?