没有显式登录的ASP.NET登录重定向
[英]ASP.NET logon redirect without explicit logon
问题描述
ASP .NET 4.0 with MVC 3.0 
带有MVC 3.0的ASP .NET 4.0
So here's the situation: I am new to MVC and ASP.NET and I have a MVC application that uses FormAuthentication with the following in the web.config : 所以情况就是这样:我是MVC和ASP.NET的新手,我有一个MVC应用程序,在web.config中使用FormAuthentication和以下内容:
<authentication mode="Forms">
<forms loginUrl="~/LogOn/LogOn" timeout="2" requireSSL="true" />
</authentication>
And what usually happens is that if a user navigates to a page after the session has expired, they are directed to the LogOn page, which works fine. 通常会发生的情况是,如果用户在会话过期后导航到某个页面,则会将其定向到LogOn页面,该页面正常工作。 What I am trying to do is prevent that page from being sent back if the request is an Ajax call and instead send an JSON object back to indicate failure. 我想要做的是阻止该页面被发送回来,如果请求是一个Ajax调用,而是发送一个JSON对象来指示失败。
I've gotten as far as catching the request, checking for the XMLHttp type via the below: 我已经抓住了请求,通过以下方式检查XMLHttp类型:
void MvcApplication_AuthenticateRequest(object sender, EventArgs e)
{
if (s_identityProvider == null)
return;
IClaimsPrincipal principal = GetClaimsPrincipal();
Context.User = principal;
if (principal != null)
ClaimProvider.CheckAndPopulateRoles(principal);
else
{
if (Context.Request.Headers["X-Requested-With"] == "XMLHttpRequest")
{
Context.Response.Write( "<?xml version='1.0' encoding='ISO-8859-1'?>"+
"<note>"+
"</note>";
}
else
{
FormsAuthentication.SignOut();
}
}
}
Now, I've tested that my check for AJAX call seems to work, the only thing that is bizarre is that after the catch, the login page is STILL sent as a response. 现在,我已经测试过我对AJAX调用的检查似乎有效,唯一奇怪的是,在catch之后,登录页面仍然是作为响应发送的。 I have checked for all uses of FormsAuthentication methods to make sure no one else is forcing a FormsAuthentication.RedirectToLoginPage() and checked, in fact, all uses of FormsAuthentication and none are doing anything bizarre. 我已经检查了FormsAuthentication方法的所有用法,以确保没有其他人强制执行FormsAuthentication.RedirectToLoginPage()并检查,事实上,所有使用FormsAuthentication并且没有人做任何奇怪的事情。 I've also checked for the query for the login page URL (via GetRedirectUrl() ) and still nothing. 我还检查了登录页面URL的查询(通过GetRedirectUrl() ),但仍然没有。
Does anyone have any ideas what would be doing the autoredirect? 有没有人有什么想法做autoredirect?
1 个解决方案
解决方案1
0 已采纳 2012-08-20 19:17:50
My only guess would be that the AuthenticateRequest method is not the end of the Request's life cycle here. 我唯一的猜测是AuthenticateRequest方法不是这里Request的生命周期的结束。 As a result, the Response that is ultimately returned to the user is the redirect response. 其结果是,该Response被最终返回给用户是重定向响应。 You should try explicitly ending the Response after you have caught and modified the AJAX response to avoid any further manipulation by the MVC framework 在捕获并修改AJAX Response之后,应该尝试显式结束Response ,以避免MVC框架进一步操作
if (Context.Request.Headers["X-Requested-With"] == "XMLHttpRequest")
{
Context.Response.Write( "<?xml version='1.0' encoding='ISO-8859-1'?>"+
"<note>"+
"</note>";
Context.Response.End(); // Calling End here should complete the response.
}
else {
// ... other stuff
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.