what alternatives are there to using global.asax?

Question

I am using my own custom authentication with IIS, and I want the server on every page load (no matter what type of file) to first check the Application variable to se

Answer 1

HttpModules are an alternative to global.asax

(see also https://www.codeguru.com/csharp/.net/net_asp/article.php/c19389/HTTP-Handlers-and-HTTP-Modules-in-ASPNET.htm
http://codebetter.com/blogs/karlseguin/archive/2006/06/12/146356.aspx )

HttpModules are registered in web.config; which, conveniently, is customizable at directory level. So every directory can have its own unique set of modules (that are inherited in lower directories). All modules have the same functionality as those found in global.asax .

Basically, every page request gets passed through every registered module before it ever gets to the actual page code itself. This happens regardless of what kind of request it is:

"page.aspx"    "page.html"
    |             |
(   |  module 1   |  )
(   |  module 2   |  )
(   |  module 3   |  )
    V             V
(handler 1) (handler 2)

((a much better picture and description can be found at https://www.codeguru.com/csharp/.net/net_asp/article.php/c19389/HTTP-Handlers-and-HTTP-Modules-in-ASPNET.htm ))

So then all you need to do is define your code as a module instead of in global.asax . If the user isn't authenticated, then: response.redirect("login.aspx") will stop control from ever reaching the handler and parsing/returning/running the requested page.

It's a little more complicated than that, so a better description/tutorial can be found at the codeguru website.