Global.asax文件有时被叫做ASP.NET应用程序文件, 它提供了一种方式来在一个集中的地方响应application或module等级的事件. 你可以使用这个文件来实现应用程序的安全, 还有其他的任务.
Overview
============
Global.asax文件存在于应用程序文件夹的root. 虽然Visual Studio .NET会自动地把这个文件插入到所有的新ASP.NET应用程序中, 其实这个文件是可选的, 不是一定要有的. 如果你没有在使用它的话, 你可以删掉它. .asax后缀说明他是一个应用程序文件, 而不是一个asp.net文件(aspx).
我们可以配置global.asax文件, 自动地拒绝任何直接到来HTTP request, 这样, 用户就不能下载或查看它的内容. ASP.NET页面架构会自动地识别任何对global.asax的修改. ASP.NET框架会重启应用程序, 其中包括关掉所有的浏览器的session, 冲掉所有的state信息, 重启application domain.
Programming
============
The Global.asax file, which is derived from the HttpApplication class, maintains a pool of HttpApplication objects, and assigns them to applications as needed. The Global.asax file contains the following events:
global.asax文件, 继承自HttpApplication类, 维护着一个HttpApplication对象的池, 它会把HttpApplication对象在需要的时候赋给应用程序. Global.asax文件包括的事件如下:
- Application_Init: Fired when an application initializes or is first called. It's invoked for all HttpApplication object instances.
- Application_Disposed: Fired just before an application is destroyed. This is the ideal location for cleaning up previously used resources.
- Application_Error: Fired when an unhandled exception is encountered within the application.
- Application_Start: Fired when the first instance of the HttpApplication class is created. It allows you to create objects that are accessible by all HttpApplication instances.
- Application_End: Fired when the last instance of an HttpApplication class is destroyed. It's fired only once during an application's lifetime.
- Application_BeginRequest: Fired when an application request is received. It's the first event fired for a request, which is often a page request (URL) that a user enters.
- Application_EndRequest: The last event fired for an application request.
- Application_PreRequestHandlerExecute: Fired before the ASP.NET page framework begins executing an event handler like a page or Web service.
- Application_PostRequestHandlerExecute: Fired when the ASP.NET page framework is finished executing an event handler.
- Applcation_PreSendRequestHeaders: Fired before the ASP.NET page framework sends HTTP headers to a requesting client (browser).
- Application_PreSendContent: Fired before the ASP.NET page framework sends content to a requesting client (browser).
- Application_AcquireRequestState: Fired when the ASP.NET page framework gets the current state (Session state) related to the current request.
- Application_ReleaseRequestState: Fired when the ASP.NET page framework completes execution of all event handlers. This results in all state modules to save their current state data.
- Application_ResolveRequestCache: Fired when the ASP.NET page framework completes an authorization request. It allows caching modules to serve the request from the cache, thus bypassing handler execution.
- Application_UpdateRequestCache: Fired when the ASP.NET page framework completes handler execution to allow caching modules to store responses to be used to handle subsequent requests.
- Application_AuthenticateRequest: Fired when the security module has established the current user's identity as valid. At this point, the user's credentials have been validated.
- Application_AuthorizeRequest: Fired when the security module has verified that a user can access resources.
- Session_Start: Fired when a new user visits the application Web site.
- Session_End: Fired when a user's session times out, ends, or they leave the application Web site.
这份列表看起来有点吓人, 但是他们在不同的情况下可能会非常有用.
使用这些事件的关键点是知道他们被触发的顺序. 比如说, Application_Init 和 Application_Start 事件会在应用程序刚刚开始第一次运行的时候触发. 同样, Application_Disposed 和 Application_End 仅会在应用程序终止的时候被触发. 另外, session-based的事件(Session_Start 和Session_End) 仅会在用户进入和离开站点的时候触发. 剩下的事件是处理应用程序请求的, 他们会被按照如下的顺序依次触发.
- Application_BeginRequest
- Application_AuthenticateRequest
- Application_AuthorizeRequest
- Application_ResolveRequestCache
- Application_AcquireRequestState
- Application_PreRequestHandlerExecute
- Application_PreSendRequestHeaders
- Application_PreSendRequestContent
- <<code is executed>>
- Application_PostRequestHandlerExecute
- Application_ReleaseRequestState
- Application_UpdateRequestCache
- Application_EndRequest
言归正传- 如何在global.asax中执行跳转
=============
假设你需要拒绝掉所有指向html的请求, 告诉你的客户, 你的网站不支持html(技术狂人的网站, 呵呵). 你可以在你的global.asax里这样写:
<%@ Assembly Name="System.Web"%>
<script runat="server">
void Application_BeginRequest(object sender, EventArgs e)
{
if (Request.Url.ToString().EndsWith(".html"))
{
Response.Redirect("http://myserver:12345/pages/helloworld.aspx");
}
}
</script>
参考资料:
Working with the ASP.NET Global.asax file
http://articles.techrepublic.com.com/5100-10878_11-5771721.html
Redirecting in Global.asax
http://forums.asp.net/t/1137257.aspx