locked
HttpHandler not firing on the production server RRS feed

  • Question

  • User43093768 posted
    I have a httphandler that secures the access to the zip file. It works fine on my developement machine but on the production it always allows the user to download the file even though the user is not authenticated.

    Not sure what is going wrong.

    Here is the HttpHandler:

    using System;
    using System.Data;
    using System.Configuration;
    using System.Web;
    using System.Web.Security;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.WebControls.WebParts;
    using System.Web.UI.HtmlControls;
    using System.IO;


    public class ZipFileHandler :IHttpHandler
    {
        public ZipFileHandler()
        {
        }

        public bool IsReusable
        {
            get { return true; }
        }

        public void ProcessRequest(HttpContext context)
        {      

            if (!context.User.Identity.IsAuthenticated)
            {
                context.Response.StatusCode = 401;
                return;
            }


           
            string url = context.Server.MapPath(context.Request.CurrentExecutionFilePath);

            try
            {
                FileStream oFile = new FileStream(url, FileMode.Open);
                context.Response.Charset = "";
                context.Response.ContentType = "application/zip";
                BinaryReader br = new BinaryReader(oFile);
                for (long l = 0; l < oFile.Length; l++)
                {
                    context.Response.OutputStream.WriteByte(br.ReadByte());
                }
            }
            catch (Exception ex)
            {           
                context.Response.StatusCode = 404;
            }
        }
    }


    And here is the configuration in the zip file:

    <add type="ZipFileHandler" path="*.zip" verb="*" />





    Friday, August 4, 2006 2:35 PM

All replies

  • User1330359733 posted

    in your web config add validate="false" to you add tag.

    <add type="ZipFileHandler" path="*.zip" verb="*" validate="false"/>

    validate

    If false, ASP.NET will not try to load the class until the actual matching request comes. Potentially, this might delay the error but it does improve start-up time

    Saturday, August 5, 2006 12:35 AM
  • User1330359733 posted

    I am not sure if that wukk work or not... It fixed the problem i had with this on a production server I had.  Although on a hosted server I have yet to fix this problem.

    Saturday, August 5, 2006 11:08 AM
  • User1181216341 posted
    you may need to explicitly map .zip files to the aspnet isapii in IIS as well, otherwise the request for the zip file is never handed off to aspnet runtime.
    Saturday, August 5, 2006 12:25 PM