Wednesday, April 13, 2011

Working with Global.asax file in ASP.NET

Working with the ASP.NET Global.asax file

The Global.asax file, sometimes called theASP.NET application file, provides a way to respond to applicationor module level events in one central location. You can use thisfile to implement application security, as well as other tasks.Let's take a closer look at how you may use it in your applicationdevelopment  efforts.


The Global.asax file is in the root applicationdirectory. While Visual Studio .NET automatically inserts it in allnew ASP.NET projects, it's actually an optional file. It's okay todelete it—if you aren't using it. The .asax file extension signalsthat it's an application file rather than an ASP.NET file that usesaspx.

The Global.asax file is configured so that anydirect HTTP request (via URL) is rejected automatically, so userscannot download or view its contents. The ASP.NET page frameworkrecognizes automatically any changes that are made to theGlobal.asax file. The framework reboots the application, whichincludes closing all browser sessions, flushes all stateinformation, and restarts the application domain.


The Global.asax file, which is derived from theHttpApplication class, maintains a pool of HttpApplication objects,and assigns them to applications as needed. The Global.asax filecontains the following events:

Application_Init: Fired when an application initializes or is firstcalled. It's invoked for all HttpApplication object instances.

Application_Disposed: Fired just before an application isdestroyed. This is the ideal location for cleaning up previouslyused resources.

Application_Error: Fired when an unhandled exception is encounteredwithin the application.

Application_Start: Fired when the first instance of theHttpApplication class is created. It allows you to create objectsthat are accessible by all HttpApplication instances.

Application_End: Fired when the last instance of an HttpApplicationclass is destroyed. It's fired only once during an application'slifetime.

Application_BeginRequest: Fired when an application request isreceived. It's the first event fired for a request, which is oftena page request (URL) that a user enters.

Application_EndRequest: The last event fired for an applicationrequest.

Application_PreRequestHandlerExecute: Fired before the ASP.NET pageframework begins executing an event handler like a page or Webservice.

Application_PostRequestHandlerExecute: Fired when the ASP.NET pageframework is finished executing an event handler.

Applcation_PreSendRequestHeaders: Fired before the ASP.NET pageframework sends HTTP headers to a requesting client (browser).

Application_PreSendContent: Fired before the ASP.NET page frameworksends content to a requesting client (browser).

Application_AcquireRequestState: Fired when the ASP.NET pageframework gets the current state (Session state) related to thecurrent request.

Application_ReleaseRequestState: Fired when the ASP.NET pageframework completes execution of all event handlers. This resultsin all state modules to save their current state data.

Application_ResolveRequestCache: Fired when the ASP.NET pageframework completes an authorization request. It allows cachingmodules to serve the request from the cache, thus bypassing handlerexecution.

Application_UpdateRequestCache: Fired when the ASP.NET pageframework completes handler execution to allow caching modules tostore responses to be used to handle subsequent requests.

Application_AuthenticateRequest: Fired when the security module hasestablished the current user's identity as valid. At this point,the user's credentials have been validated.

Application_AuthorizeRequest: Fired when the security module hasverified that a user can access resources.

Session_Start: Fired when a new user visits the application Website.

Session_End: Fired when a user's session times out, ends, or theyleave the application Web site.

The event list may seem daunting, but it can beuseful in various circumstances.

A key issue with taking advantage of the eventsis knowing the order in which they're triggered. TheApplication_Init and Application_Start events are fired once whenthe application is first started. Likewise, theApplication_Disposed and Application_End are only fired once whenthe application terminates. In addition, the session-based events(Session_Start and Session_End) are only used when users enter andleave the site. The remaining events deal with applicationrequests, and they're triggered in the following order:














A common use of some of these events issecurity. The following C# example demonstrates various Global.asax events with the Application_Authenticate event used to facilitate forms-based authentication via a cookie. In addition, theApplication_Start event populates an application variable, whileSession_Start populates a session variable. The Application_Errorevent displays a simple message stating an error has occurred.

The Global.asax file is the central point forASP.NET applications. It provides numerous events to handle variousapplication-wide tasks such as user authentication, applicationstart up, and dealing with user sessions. You should be familiarwith this optional file to build robust ASP.NET-basedapplications.

TechRepublic's free .NET newsletter, delivered each Wednesday, contains useful tips and coding examples on topics such as Web services, ASP.NET, ADO.NET, and Visual Studio .NET. 

Source :-

No comments:

Post a Comment