How to pass Windows authentication from the ".aspx" page to the ".ashx" handler

Question

How to pass Windows authentication from the ".aspx" page to the ".ashx" handler

I have a Download.aspx page that requires Windows authentication. When a user logs in, they are provided with a list of links to files that they can download. The links actually point to the "ZipHandler.ashx" handler, which processes requests based on the passed parameters.

My problem is that HttpContext.Current.User.Identity.IsAuthenticatedthere is a falsemethod inside ProcessRequest IHttpHandlerwhen an authenticated user accesses this handler.

I need to check if they have authenticated inside IHttpHandler, since non-authenticated users can also access the handler with different results. I tested the value HttpContext.Current.User.Identity.IsAuthenticatedon the "Download.aspx" page, and the value true, so I don’t understand why this is not the case for the ashx handler. I tried to add the IReadOnlySessionState and IRequiresSessionState interfaces to my handler, but I still have the same problem.

+4

c # asp.net httphandler ntlm

skeletank Nov 01 '13 at 18:26

source share

1 answer

skeletank · Accepted Answer · 2013-11-01T20:59:54+0000

, .ashx , Windows WindowsIdentity, . , , 2 web.config, :

<add name="AnonymousHandler" verb="GET" path="*/AnonymousHandler.ashx"
     type="MyLibrary.MyHandler, MyHandler, Version=1.0.0.0, Culture=neutral, 
     PublicKeyToken=12e530ccad45314d"/>

<add name="AuthenticatedHandler" verb="GET" path="*/AuthenticatedHandler.ashx" 
     type="MyLibrary.MyHandler, MyHandler, Version=1.0.0.0, Culture=neutral,
     PublicKeyToken=12e530ccad45314d"/>

:

<location path="AuthenticatedHandler.ashx">
  <system.web>
    <authorization>
      <deny users="?"/>
    </authorization>
  </system.web>
</location>

How to pass Windows authentication from the ".aspx" page to the ".ashx" handler

More articles: