I am using Form Authentication Method in ASP.Net and the problem is it only protect ".aspx" files. I am trying to protect ".php" files in "kcfinder" folder from unauthenticated users.
I implemeted this class in "App_Code" folder.
public class KCChecker
{
public static void Process(HttpApplication Application)
{
HttpRequest Request = Application.Context.Request;
HttpResponse Response = Application.Context.Response;
string url = Request.Path.ToLower();
if (url.IndexOf("/kcfinder/") == 0 && !HttpContext.Current.User.Identity.IsAuthenticated)
{
Response.Redirect("/");
}
}
}
The problem is it always say "Object reference not set to an instance of an object." on HttpContext.Current.User.Identity.IsAuthenticated. I tried to change it to Application.Context.User.Identity.IsAuthenticated but it still shows the same error.
Is there any way I can access User Object in this custom module's Process function?
Add the following to your web.config file:
<modules runAllManagedModulesForAllRequests="true" />