Custom HTTPModule - Intercept Session Variable Request

[ADN]

Hi, I am creating a custom HTTPModule to intercept the request of when
the user is attempting to retrieve a session variable. For instance,
if I set a session variable in my code like so:

session["myString"] = "Hello World";

When the request for that session variable "myString" is attempted to
be retrieved, I would like to intercept that request like so:

if (Request is for session variable "myString")
{
//send this string instead
}

Is it even possible to intercept the request of a session variable in
a custom HTTPModule?

 

[sloan]

If I were faced with a similar issue, I would code up something along these
lines:

http://aspalliance.com/810_Implementing_a_Singleton_Pattern_in_C


and then not code against the Session object directly, but rather through
this library.

Then you could subclass as necessary, or override values as needed.

...


StateManager stateManager =StateManager.Instance;
stateManager.Add("jk","Joydip",State.Session);
if(stateManager.Get("jk",State.Session)!=null) //<<<you
can edit the code here to bring back what you want.

 

[ADN]

To add a bit of complexity to this issue, the reason why I wanted to
use the HttpModule approach is because I have to handle this for
only .asp files and not for .NET files. So I was thinking that if I
can just create a custom HttpModule and then configure IIS to use that
module for.asp pages, I could intercept the request.

So basically, session information is stored in .asp pages. I want to
intercept the request when the .asp page attempts to retrieve the
session value for that particular variable.

Would I be able to create a custom session provider and wrap it in my
HttpModule for .asp pages to use? Is this a good approach? Are there
any better approaches to this?

Thanks for all your help!

 

[bruce barker]

asp session is plugable (its just a shared memory dll). you can only cjange
asp session behavior by changing your asp pages to use a custom session
manager.

-- bruce (sqlwork.com)

 

[ADN]

Got ya, alright, thank you very much for your help. doesn't look like
I'm going to be able to do it without modifying each of my .asp pages.

 

[Peter Bromberg [C# MVP]]

The problem you have here is that classic ASP session is a much different
animal than ASP.NET managed session state, so just mapping your .asp pages to
get processed through the ASP.NET runtime isn't going to buy you anything.
You would actually need to replace the classic ASP.DLL non-managed handler.
-- Peter
To be a success, arm yourself with the tools you need and learn how to use
them.

Site: http://www.eggheadcafe.com
http://petesbloggerama.blogspot.com
http://ittyurl.net

 

[Madhur]

You do need to create custom HttpModule for this purpose and you won't be
able to achieve this using that.

What you need to create is SessionStateProvider which implements this
interface.

Remember that ASP.NET 2.0 has a pluggable architecture, you do not need to
intercept anything, just plug your components instead of the default ones.