httpapplication

I have an aspx page where I’m allowing a user to upload a file and I want to cap the max file upload size to be 10MB. IIS7, .NET 3.5. I have the following configured in my web.config file: <location path="foo.aspx"> <system.web> <!-- maxRequestLength: kbytes, executionTimeout:seconds --> <httpRuntime maxRequestLength="10240" executionTimeout="120" /> <authorization> <allow roles="customRole"/> <!-- Deny everyone else --> <deny users="*"/> </authorization> </system.web> <system.webServer> <security> <requestFiltering> <!-- maxAllowedContentLength: bytes --> <requestLimits

Q 1. To my understanding FormsAuthenticationModule is subscribed to AuthenticateRequest event, and thus only after this event is fired, is FormsAuthenticationModule called. But the following quotes got me a bit confused: The AuthenticateRequest event signals that the configured authentication mechanism has authenticated the current request. Doesn’t the above quote suggest that when AuthenticateRequest event is raised, request (aka user) is already authenticated? Subscribing to the AuthenticateRequest event ensures that the request will be authenticated before processing the attached module or

Does anyone know of a site or page, or know the order of execution for the events of the HTTPApplication class for HTTPModule event execution? I found the MSDN Documentation for all of the events, but it doesn't show a list of process steps and I haven't been able to find one. Maybe this helps http://support.microsoft.com/kb/307985/en-us/ An HttpApplication class provides a number of events with which modules can synchronize. The following events are available for modules to synchronize with on each request. These events are listed in sequential order: BeginRequest AuthenticateRequest