Search code examples
sessionasp.net-mvc-4authorizationimageresizer

Accessing Session in Authorization Event of Imageresizer

I'm trying to implement custom authorization in a MVC 4 application for ImageResizer (3.3.2) and everything works fine until I try to access session variables.

In global.asax I've added the following event listener to the pipeline:

ImageResizer.Configuration.Config.Current.Pipeline.AuthorizeImage += (m, c, args) =>
{
    // check authorization only for asset path
    if (args.VirtualPath.IndexOf("/Assets/", StringComparison.OrdinalIgnoreCase) > -1)
    {
        // HttpContext from parameter
        // c.Session is always null

        // Static access
        // HttpContext.Current.Session is also null
    }
};

As noted in the code, Session is always null. Is there a way to configure the module to be session enabled or any other way to access session variables?

Solution

  • The FormsAuthentication module isn't configured to run for .jpg requests in your applcation. You can change this at the FormsAuthentication module level, or enable RAMMFAR (which can compromise performance for other static requests).

    This question is essentially the same.