
Loading a partial view with an ajax request in an MVC application secured with WIF (PassiveAuthentication)

I am developing an MVC4 application secured with Windows Identity Foundation.

I am also using jQuery (`$.ajax()`) to refresh some partial views at regular intervals.

This application is used for monitoring some systems and no navigation occurs apart from the partial view refreshes.

After 20 minutes the WIF security cookie expires and my application tries to request another token from the PassiveSTS page. As expected, the PassiveSTS performs authentication and redirects to the calling URL.

The problem is that the ajax() request used to load the partial view expects an HTTP 200 code and receives HTTP 302 instead.

It seems to me that Passive authentication is not designed to work properly with ajax calls to partial views.

What is wrong with this approach? Is an active authentication more appropriate?

Ajax calls should issue 401 if the caller is not authorized. The problem is that WIF assumes the request is a browser and does the redirect. I built a helper to suppress these redirects for Ajax calls in Thinktecture IdentityModel. You can either use the library from NuGet or just grab the relevant code and add it to your project.

http://brockallen.com/2013/02/19/suppress-login-redirects-for-api-clients-in-wif-with-thinktecture-identitymodel/

https://github.com/thinktecture/Thinktecture.IdentityModel.45/

Of course your client side JS would then have to do something when it gets the 401, but presumably you'd inform the user that you need to log back in.

Another thing might be to use sliding sessions, yet another feature I added to IdentityModel:

http://brockallen.com/2013/02/17/sliding-sessions-in-wif-with-the-session-authentication-module-sam-and-thinktecture-identitymodel/
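
Added example (not part of the original answer and not code from Thinktecture IdentityModel): a client-side refresher for the polling scenario in the question that treats a 401 as an expired session, stops polling, and never renders a redirect response into the page. It uses `fetch` rather than `$.ajax()` so it runs stand-alone; the function and parameter names are hypothetical, and it assumes the server recognises Ajax calls by the `X-Requested-With` header that jQuery adds to same-origin requests.

```javascript
// Added example, not code from the answer or from Thinktecture IdentityModel.
// Assumption: the server answers expired-session Ajax calls with 401.

// Decide what to do with the response to a partial-view refresh.
function classifyResponse(res) {
  // 401: session expired and the login redirect was suppressed server-side.
  if (res.status === 401) return 'expired';
  // With redirect: 'manual' a browser reports a redirect as 'opaqueredirect';
  // in this setup a redirect leads to the STS, not to the partial view.
  const redirected = res.type === 'opaqueredirect' ||
    (res.status >= 300 && res.status < 400);
  if (redirected) return 'expired';
  return res.status >= 200 && res.status < 300 ? 'render' : 'error';
}

// url, render, onSessionExpired and fetchImpl are hypothetical names.
function createPartialRefresher({ url, render, onSessionExpired, fetchImpl }) {
  const doFetch = fetchImpl || globalThis.fetch;
  let timer = null;
  let inFlight = false;

  async function refreshOnce() {
    if (inFlight) return 'skipped'; // never stack requests on a slow server
    inFlight = true;
    try {
      const res = await doFetch(url, {
        credentials: 'same-origin', // send the session cookie
        redirect: 'manual',         // do not follow a 302 to the STS
        headers: { 'X-Requested-With': 'XMLHttpRequest' }, // mark as Ajax
      });
      const outcome = classifyResponse(res);
      if (outcome === 'expired') {
        stop();             // stop polling with a dead session
        onSessionExpired(); // e.g. prompt the user to log in again
      } else if (outcome === 'render') {
        render(await res.text()); // only 2xx bodies reach the DOM
      }
      return outcome;
    } finally {
      inFlight = false;
    }
  }

  function start(ms) {
    if (!timer) timer = setInterval(() => refreshOnce().catch(() => {}), ms);
  }
  function stop() { clearInterval(timer); timer = null; }
  return { refreshOnce, start, stop, isRunning: () => timer !== null };
}
```

Stopping the timer on the first 401 keeps a monitoring page that is left open from sending a request to the application on every interval after the session has expired.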
