Logo

Maarten Balliauw {blog}

ASP.NET, ASP.NET MVC, Azure, PHP, OpenXML, VSTS, ...

About the author

Maarten Balliauw is currently employed as .NET Technical Consultant at RealDolmen. His interests are mainly web applications developed in ASP.NET (C#) or PHP and the Windows Azure cloud platform.
More about me More about me
Send mail E-mail me


ASP.NET MVC Quickly Subscribe to my RSS feed Follow me on Twitter! View Maarten Balliauw's profile on LinkedIn
View Maarten Balliauw's MVP profile

Search

Pages

Latest Twitter

    Follow me on Twitter...

    My projects

    Related blogs

    Recent posts

    Categories


    Archive

    Disclaimer

    The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

    © Copyright Maarten Balliauw 2010

    Remove unnecessary HTTP modules from the ASP.NET pipeline

    Posted by maartenba on Friday, September 21, 2007 4:07 PM

    Trying to speed up some things in a demo ASP.NET application for a customer, I found a really simple and effective way to remove some HTTP modules from the ASP.NET pipeline. When you are not using WindowsAuthentication or PassportAuthentication or ..., you can easily disable those modules. This decreases ASP.NET bootstrapping time as there are fewer object creations to do every page load...

    Now, how to do this? Very easy! Fire up your Visual Studio, and open Web.config.
    In the HttpModules section, add some "remove" elements, one for every module you whish to disable. If HttpModules section is not present, you can add it yourself.


    ...

    <httpModules>

        <remove name="WindowsAuthentication"/>

        <remove name="PassportAuthentication"/>

        <remove name="UrlAuthorization"/>

        <remove name="FileAuthorization"/>

    </httpModules>

    ...

    Here are the default HttpModules that are present and can eventually be disabled:

    • OutputCache
    • Session
    • WindowsAuthentication
    • FormsAuthentication
    • PassportAuthentication
    • RoleManager
    • UrlAuthorization
    • FileAuthorization
    • AnonymousIdentification
    • Profile
    • ErrorHandlerModule (I'm sure you want this one enabled!)
    • ServiceModel

    Check C:\WINDOWS\microsoft.NET\Framework\<version>\CONFIG\Web.config for more things you can emit. There are probably some more things you can override in your own Web.config...

    Now assume you have a public and protected part on your website. The public part is www.example.com, the private part is www.examle.com/protected. Thanks to ASP.NET's configuration cascading model, you can now disable FormsAuthentication for www.example.com, as no authentication will be needed there. In the www.private.com/protected folder, you can now put another Web.config file, enabling FormsAuthentication on that folder. How cool is that!

    I'm on my way to vacation. No blog posts next week, unless I spot a bear somewhere.


    Categories: ASP.NET | C# | General | Software | XML
    E-mail | Kick it! | DZone it! | del.icio.us
    Permalink | Comments (2) | Post RSSRSS comment feed

    Comments

    Duncan Smart United Kingdom | Reply

    Thursday, January 17, 2008 10:11 AM

    Duncan Smart

    Trying to speed up some things... So - what was the speed-up, did you measure it?

    Maarten Belgium | Reply

    Thursday, January 17, 2008 10:18 AM

    Maarten

    We did not measure the speed-up, it should save a few initialisation routines at every request.

    Personally, I think this trick should only be used on high-trafic web applications. Also make sure every developer knows this trick has been used: if one wants to use Sessions, and they are disabled, an unexperienced developer might have to search a while to fid out why sessions aren't working...

    Add comment




      Country flag

    biuquote
    • Comment
    • Preview
    Loading