I am developing a Web filter plugin for ISA 2004 server. I have to program the DLL in c#. I was wondering if it is possible to use the 2004 SDK (event notifications)for C# programs since the examples mentioned in the SDK are all in vc++.
Oh danger. I love .NET and am a veteran filter coder, but IMO the two things really ought not to be mixed.
MS does not support ISA filter work in .NET, and I would not be surprised to learn that there could be fundamental incompatibilities underlying that fact.
If you simply MUST use c#, you'll need to write a bridge DLL in unmanaged c++ to marshal between the WPF interface and your main processing code. There are no ".NET hooks" so you have to make essentially an adaptor.
Not to presume anything about your coding either, but just to anyone who reads this... You need to be _good_ at c++ in order to do filters. This is because the filters run in-process with the firewall. Any memery management slip-up or other fumble, and you bring down the whole service.
As a parting shot, I'm not sure what issues may be introduced when you cause the firewall process to spin up the .NET runtime. Surely a memory hit, but I'm thinking about thread management and other subtler resource gothcas.
Thanks for the information. It saved a lot of time. I now have a filter developed in vc++. But got a problem when ISA server is configured as a transparent proxy. The hostname header is missing. my current code is as follows ------------------------------------------------- static DWORD OnGetClientHeaders (PHTTP_FILTER_CONTEXT pfc, PHTTP_FILTER_PREPROC_HEADERS pHeaders) { CHAR url[URL_BUFFER_SIZE];
When ISA is a transparent proxy I only get the path in the URL but not the hostname. It works fine in no-transparent mode. If you can guide me to a solution it would be great.
Why should there be a host name? If you wireshark the traffic you'll see that the values the API returns are correct. Look at getting the Host header in these cases.
The filter plugin gets the requested URL from the ISA server and forwards the hostname to our own policy server for decision making in order to restrict for example porn sites.
It works fine for the non-transparent since I ve found the header information includes the complete URL. But for transparent mode the header seems to be split into 2 lines. I am not sure of this though.
I was wondering if I could get the hostname somehow when it is in transparent mode.
Read closer above. You need to get the "Host" header, it will contain the data that is "missing" from the url. Per RFC, the url includes protocol and host info when it's a proxy connection. Normal intercepted HTTP requests are not in this format.
Your solution worked great last time. I have one question, My web filter looks at user's requests and it detects faulty Web pages by looking into host name (which is already done) and redirects the user to a particular URL . Is there any source or simple code snippet that describes how to redirect a user to a particular URL using ISAPI?. I looked through internet but they seem complicated since I am new to ISAPI and filter development.
Thanks for the solution again. I have one more question. When the ISA 2004 server passes the user requested url to the web filter plugin. Does the url include the users's security or primary group information?
Thanks in advance.
< Message edited by m_kk -- 19.Dec.2007 3:38:01 PM >
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA Server 2004 Misc.] >> ISA Server 2004 Programming >> Program in C# using ISA 2004 SDK 
Program in C# using ISA 2004 SDK - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread