Classic ASP.NET
On classic ASP.NET when calling a [WebMethod] with Ajax in an unauthorized context (most likely in the case where the session expired) the response http status code is 401. You can handle this in the “error” handler (provided by most Ajax frameworks) and redirect to login page. For example I use this code with jQuery:
WebMethod;
[WebMethod] public static MyModel GetStuff() { return new MyModel(); }
Javascript:
$.ajax({
type: "POST",
url: "Default.aspx/GetStuff",
data: "{}",
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function(msg) {
// do stuff
},
error: function(xhr, status, ex) {
if (xhr.status == 401) // unauthorized
{
window.location = "Login.aspx?ReturnUrl=" + window.location.pathname;
}
}
});
ASP.NET MVC
To do the same in ASP.NET MVC I have this method in my controller:
[Authorize] public ActionResult GetStuff() { return Json(new MyModel()); }
The ASP.NET MVC infrastructure doesn’t return 401 http status code on failed authorization but 302 http status code (actually the 401 status code is returned initially but later, in the same request, is intercepted by the infrastructure and replaced by 302 status code). XMLHttpRequest object handles this internally automatically following the redirect (no event is fired client side). The Ajax call will end in “success” but the message won’t be the expected JSON but the html of the login page.
The best (well, it’s a hack, if you a better way please tell me) way I found is to replace 302 status code by 401 status code on request end. I added the following code to Global.asax :
protected void Application_EndRequest() { if (Context.Response.StatusCode == 302 && Context.Request.Headers["X-Requested-With"] == "XMLHttpRequest") { Context.Response.Clear(); Context.Response.StatusCode = 401; } }
And the client side code (using Ext JS this time) is:
Ext.Ajax.on('requestexception', function(conn, response, options) { if (response.status == 401) { window.location = '<%= Html.ActionUrl("Account", "LogOn") %>?ReturnUrl=' + window.location.pathname; } });
Funny, I am having this same issue, in a custom handler I am working on. Your solution won’t work in my case as sometimes we will want the 302 error for other paths in the application.
Hi Ben,
Thanks for posting this up, I am currently trying to implement an MVC uploader and this post is a helpful starting point. One problem I am having with your code is that Im getting a 302 HTTP error every time I post to my controler. Any ideas on why this should be?
Thanks again,
Brian
Sorry … posted to wrong blog
Heya i’m for the first time here. I found this board and I find It truly helpful & it
helped me out much. I’m hoping to present one thing again and help others
such as you helped me.
konnicy zaś pewność na rowerze ,maluch przypadkiem mieć chęć tyłek zmniejszone w ten sposób, że jej raty płasko na ziemi, kiedy.
Heya i am for the primary time here. I found this board and I find It
really helpful & it helped me out a lot. I hope to progide
one thing back and aaid others like you helped me.
Com|squidoo|youtube|bebo|flickr|hub pages|wikipedia|tagged|facebook game|social networks|the facebook|online social networks|facebook itself} top dog grade Zuckerberg eat pledged to utilize in keeping with the ‘No Ad’ regulation. in fact, according to designer and magnificence mavens, Another awesome thing about almost all of these boots is they make our leg overall look thin together with well developed.
cheap retro jordans http://www.rethink4.com
I see you share interesting content here, you can earn some extra money, your website has big
potential, for the monetizing method, just type in google – K2
advices how to monetize a website
I read a lot of interesting articles here.
Probably you spend a lot of time writing, i know how to save you
a lot of time, there is an online tool that creates unique, SEO friendly posts in minutes,
just search in google – laranitas free content source
Every weekend i used to pay a quick visit this web site,
as i wish for enjoyment, since this this site conations in fact good funny stuff too.
Nice article 838, I fell the same way about Dotnet as this guy explained on TED http://www.youtube.com/watch?v=y3y6XMls9ns
即日必要なキャッシングは、対応してくれる金融会社をしっかりと精査して利用したほうが良いです。業態的に銀行などいろいろあります。これらは利用者の信用状態などで変わってきますが、融資を利用する場合は、口コミ情報などを考えて決定するべきです。