Dot Net Thoughts

HTTP modules differ from HTTP handlers. An HTTP handler returns a response to a request that is identified by a file name extension or family of file name extensions. In contrast, an HTTP module is invoked for all requests and responses. It subscribes to event notifications in the request pipeline and lets you run code in registered event handlers. The tasks that a module is used for are general to an application and to all requests for resources in the application.

You can get more information on MSDN – HTTP Handlers and HTTP Modules Overview

In my previous post, Captcha using ASP.Net and C#, you may noticed that I am not talking about how can I validate the user is entering correct value or not. I thought of using Sessions for this purpose, like in the HTTP Handler, I wrote some code like

context.Session["captcha"] = drawString;

But that code failed, by throwing a Null Reference exception. After debugging I found the session object is coming as NULL. Then after doing a little search I found a nice post about how can we use session state in Http Handlers. For this you have to implement an empty interface, IRequiresSessionState, which in the available in the System.Web.SessionState namespace, you have to add reference of this namespace in your code, implement the interface, and you can use session in the Http Handler.

using System.Web.SessionState;

public class Handler : IHttpHandler, IRequiresSessionState
{
//Your implementation.
}

You can also use IReadOnlySessionState interface instead of IRequiresSessionState, which gives read only access to the session objects.

Now you can save the drawString value to the session state and in the C# code, you can read it from session and check with the user entry.

You can get more details from this post :How to use Session values in an HttpHandler