问题描述
我试图在我的MVC3应用程序中授权ajax操作方法.当用户会话过期并且要求执行ajax操作方法时,会发生此问题. asp.net身份验证系统发送302重定向,而不是发送401,这对于非ajax请求似乎是合理的.但是有了Ajax,一切很快就搞砸了.因此,我决定采用. 基本上,在请求结束时,我们检查该请求是否为ajax请求,并且存在重定向(302响应).如果是,那么我们将响应代码从302替换为401.因此,在javascript中,我们检查401并从那里执行重定向.这是我输入的基本代码
I was trying to authorize ajax action methods in my MVC3 application. The problem occurs when the user session expires and an ajax action method is asked to execute. The asp.net Authentication system sends 302 redirect instead of sending 401 which seems logical for non-ajax requests. But with Ajax it all gets messed up quickly. So I decided to follow the approach suggested at ASP.NET MVC forces an AJAX request be redirected to the login page when the FormsLogin session is no longer active . Basically, at the end of request we check whether the request is an ajax request and there is a redirect (302 response). If it is then we replace the response code from 302 to 401. Accordingly in the javascript we check for 401 and perform redirection from there. Here is the basic code that I have put up
在Global.asax.cs
In Global.asax.cs
protected void Application_EndRequest() {
var context = new HttpContextWrapper(Context);
// If we're an ajax request, and doing a 302, then we actually need to do a 401
if (Context.Response.StatusCode == 302 && context.Request.IsAjaxRequest()) {
Context.Response.Clear();
Context.Response.StatusCode = 401;
}
}
在JQuery全局错误处理程序中(包含在asp.net mvc主页中:_Layout.cshtml)
In JQuery global error handler (included in asp.net mvc master page : _Layout.cshtml)
$(document).ajaxError(function (event, jqXHR, ajaxSettings, thrownError) {
if (jqXHR.status == 401) {
window.location.replace(loginUrl);
}
});
我刚刚快速测试了此代码,它似乎工作正常.此代码是否有任何潜在的问题.就asp.net mvc和jquery而言,我是一个相对较新的程序员,所以我认为在实际实现代码之前,我会征询其他意见.
I have just quickly tested this code and it seems to work fine. Is there any potential problem with this code. I am a relatively novice programmer as far as asp.net mvc and jquery are concerned, so I thought I would ask for other opinions before actually implementing the code.
推荐答案
这是博客文章.它说明了一种更好的处理方法.
Here's a blog post which I would strongly recommend you reading. It illustrates a better approach for handling this.
这篇关于控制器中Ajax Action方法上的Authorize属性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!