Handler的HttpContext

时间:2010-08-30 08:19:55

标签: asp.net httphandler httpcontext

为保护下载文件的目的,我创建了http handler liket:

  public void ProcessRequest(HttpContext context)
  {
        string user = HttpContext.Current.User.Identity.Name;
        FilePermissionHelper helper = new FilePermissionHelper(user);
        string path = context.Request.Form["file"];
        bool canDownload = helper.HasPermission(FileOperation.Download, path);
        if (!canDownload)
        {
            context.Response.StatusCode = 403;
            context.Response.End();
            return;
        }
        else
        {
            string fileName=String.Format(@"{0}App_Data\files{1}",HostingEnvironment.ApplicationPhysicalPath,path.Substring(1));
            context.Response.ContentType = "application/octet-stream";
            context.Response.AppendHeader("Content-Disposition", fileName);
            context.Response.TransmitFile(fileName);
            context.Response.End();
        }
 }

它使用HttpContext.Current.User。

当我将此处理程序用于以下服务文件时:

  protected void tvFile_NodeClick(object sender, RadTreeNodeEventArgs e)
  {
        string url = new Uri(String.Format("{0}/{1}", Request.Url.GetLeftPart(UriPartial.Authority),HandlerName)).AbsoluteUri;
        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
        string data = String.Format("file={0}", e.Node.Value);
        byte[] buffer = Encoding.UTF8.GetBytes(data);
        req.Method = "POST";
        req.ContentType = "application/x-www-form-urlencoded";
        req.ContentLength = buffer.Length; 
        Stream reqst = req.GetRequestStream(); 
        reqst.Write(buffer, 0, buffer.Length);
        reqst.Flush();
        reqst.Close();
        byte[] bytes=ReadFully(((HttpWebResponse)req.GetResponse()).GetResponseStream());
        HttpContext.Current.Response.ContentType = "application/octet-stream";
        HttpContext.Current.Response.AppendHeader("Content-Disposition", String.Format("attachment; filename={0}",e.Node.Text));
        HttpContext.Current.Response.BinaryWrite(bytes);
        HttpContext.Current.Response.End();

 }

我在处理程序中得到了HttpContext.Current.User = null。当然我可以使用POST数据,Session,但我希望通过HttpContext解决这个问题。顺便说一句,当我在客户端(通过js)发布POST时,一切正常:HttpContext.Current.User传递给处理程序。怎么了?感谢。

1 个答案:

答案 0 :(得分:0)

使用IRequiresSessionState向您的处理程序添加另一个名为IHttpHandler的接口,您可能会正确地让用户正确