I have a Global.asx file that needs to do user authentication, auditing, and profiling. This is necessary because it supports SAML-based single sign-on and requires overriding regular .Net authentication (which does not support SAML or mixed authentication).
I do not want to run it for static files like .js , .css , .png , etc.
In Cassini / WebDev and IIS7 it does.
What I want to have is a simple check, for example this.Request.IsStaticFile (which, unfortunately, does not exist) to identify static files.
I understand that it would be quite simple to write, but it looks like it should already exist - IIS has already applied caching policy stuff for static files, etc.
I need a solution for the code, not an IIS configuration change.
Update
This is my current solution:
/// <summary>Hold all the extensions we treat as static</summary> static HashSet<string> allowedExtensions = new HashSet<string>(StringComparer.OrdinalIgnoreCase) { ".js", ".css", ".png", ... }; /// <summary>Is this a request for a static file?</summary> /// <param name="request">The HTTP request instance to extend.</param> /// <returns>True if the request is for a static file on disk, false otherwise.</returns> public static bool IsStaticFile(this HttpRequest request) { string fileOnDisk = request.PhysicalPath; if (string.IsNullOrEmpty(fileOnDisk)) { return false; } string extension = Path.GetExtension(fileOnDisk); return allowedExtensions.Contains(extension); }
It works fast enough, but feels awfully awkward. In particular, relying on extensions, you will be prone to errors if we add new static files that we did not think about.
Is there a better way without changing the IIS configuration?