Hope you can help. In my ASP.net MVC3 app, all my controllers descend from a customized controller I have created.
Upon FormsAuthentication time out, my app correctly redirects users to the login page if they attempt to access any page (standard functionality).
However, for Ajax.ActionLink and Ajax.BeginForm calls, they just return nothing, which confuses users if the browser is left open for more than 20 minutes and then they try to access an Ajax link.
Is there any code I can put in to my base controller that will work generically so that when it detects an inbound Ajax call and we have timed-out, it will redirect users to my login page as expected?
I don't mind if it doesn't return to the original page afterwards - happy for it to just go to the Home Index page.
Thanks in advance for any help you can provide.
Simon.
You may take a look at the following blog post which illustrates a nice way to prevent the FormsAuthentication module from redirecting to the logon page in case of an AJAX request and simply send a 401 status code to the client so that it can act accordingly.
Related
I have a application in ZF2 framework, in this I am sending and requesting data to/from a web services using http_client request. In my application I have a multi step form which is changing form steps using ajax.
Now if I submit a form using ajax request, it hit my controller and then from controller I call a common function of controller plugin for all type of request in this case if there is any error in web service then I want to redirect to login page but it not redirecting parent layout/page instead of this it show the login page in ajax loaded form part(where my form is changing through ajax).
Please help me to redirect main page to login page instead of show login page in ajax loaded part.
Thanks in advance
I'm not a javascript expert but you need to do the redirect in the javascript and not your controller.
window.location.replace("http://stackoverflow.com");
You can pass the redirect url from your controller if you need to redirect to different locations depending on your logic.
See this question.
Hope this points you in the right direction.
I have a legacy asp.net web form web site, it uses forms authentication. Now, I have the requirement to create a new sub MVC application in the web site. My new application is most likely a SPA that means most actions are done through Ajax. Everything works fine until session time out, because once time out, my background Ajax returns the content of form login page instead of my json data. This is correct session behavior, but how can I know session time out in ajax and then redirect the page to login page?
You can trap the failure of your AJAX calls and look for 401 result, which means that the request was not authorised.
I'm assuming you're using Web API for your service calls here - if you're calling methods on your normal MVC controller you'll need to do a little bit of work to ensure unauthenticated requests return 401 instead of redirecting you to the login page.
I need some help to implement facebook authentication. I'm doing this sample:
http://csharpsdk.org/docs/web/getting-started
and it works fine, I can get the access token and get user's info. But my problem is because javascript start a loop of http post's, because he's executing the javascript who invokes the handler, so infitly redirect for my page.
So I have Main.aspx and is there where I have the javascript implemented and all my main content, if my handlrer redirect to Main.aspx he enter in loop, if I redirect the handler to SecondPage.aspx he stops the loop, but if i click go back to Main.aspx(or someone else where i've the javascript) he redirect to second...
The issues is that you are redirecting back to your original page from your ashx handler page and when you do that your JavaScript is executing again and hence submitting another Post to the server which in turn calls your ashx handler page again. So you end up in an infinite loop. But when you redirect to a different page from your ashx handler page then the JavaScript that authenticates your user does not execute and does not send another Post.
I ran into this same problem myself and came up with a fairly simple solution which I posted on a different thread dealing with the same issue. you can find the answer on this thread.
On a side note, I continued to research this and found a great solution that allows me to do this all server side instead of using the JavaScript SDK, so I'm not sure it would be of interested to you since your post was about "How to make HTTP POST facebook authentication" but in case you are, the link gives a solution dealing with an ASP.NET app that is not written using MVC. Getting Started With The Facebook C# SDK
I have a UserController that have methods like Register, Login, Logout, etc.
On my site I have a small login form that i've made as a partial view and is part of a masterpage. The behaviour I want is to be able to login from any view and then return to the controller I was at when i called the Login method.
I can call the methods from anywhere just fine, but can't figure out what to do to find out what controller and action the user was at to reroute back.
Use the Referer header from the HTTP Request. In PHP you get it with $_SERVER['HTTP_REFERER']; I don't know how it's done in ASP.NET, but it shouldn't be too hard if you google for "HTTP Header Referer".
Referer is not guaranteed to be populated, since some proxies do not send it. So I would recommend against depending on it.
Instead, when you redirect a user from a protected page to login page, save where they were into the Session object, or Viewdata, or maybe TempData object. So you can use the value in there to redirect them back to where they were when they successfully log in.
I'm using ASP.Net MVC beta 1 and I'm using the asp.net membership provider with the standard authentication controller to restrict access to my site.
I'm using ajax functionality to provide e.g. editing of values by loading partial views into a div with either jQuery $.get/$.ajax or with the Ajax.Actionlink MVC helper. This all works fine most of the time.
My problem comes once the login times out and you click on one of the ajax edit links - the ajax call returns the login page which is put into the div normally used for the edit form.
I want to find a way to redirect the whole page to the login form, when the authentication has timed out and an ajax link is clicked.
One way I can think of is looking at the html returned from the ajax call in the response callback and searching for the 'login' text or form field and doing a redirect from there - but this doesn't feel very clean - is there a better way?
This might help some:
Bypass Forms Authentication auto redirect to login, How to?
From the above answer it looks like http 403 isn't intercepted by Forms Authentication, so you can roll your own ActionFilter that returns an http 403 response if its an Ajax Request and Authorization failed.
On the client side, you could then check the response code for 403, and redirect to the appropriate login url.
There are probably other ways to do this as well!