asp.net-mvc – 用户不在角色时的ASP.NET登录重定向循环

我在ASP.NET MVC 5中实现角色时遇到了一些困难.我试图以没有访问我想要访问的应用程序区域所需角色的用户身份登录.在这种情况下我期望的是,我再次被重定向到登录页面,直到我输入一组有访问权限的凭据或我导航到应用程序的另一个区域.

实际发生的是应用程序似乎进入登录重定向循环,调试通过显示多次调用Login操作.

这是登录操作：

[AllowAnonymous]
public ActionResult Login(string returnUrl)
{
    ViewBag.ReturnUrl = returnUrl;
    return View();
}

这会导致IIS生成错误：

HTTP Error 404.15 - Not Found
The request filtering module is configured to deny a request where the query string is too long.

查询字符串如下所示：

http://localhost/MyApplication/Account/Login?ReturnUrl=%2FMyApplication%2FAccount%2FLogin%3FReturnUrl%3D%252FMyApplication%252FAccount%252FLogin%253FReturnUrl%253D%25252FMyApplication%25252FAccount%25252FLogin%25253FReturnUrl%25253D%2525252FMyApplication%2525252FAccount%2525252FLogin%2525253FReturnUrl%2525253D%252525252FMyApplication%252525252FAccount%252525252FLogin%252525253FReturnUrl%252525253D%25252525252FMyApplication%25252525252FAccount%25252525252FLogin%25252525253FReturnUrl%25252525253D%2525252525252FMyApplication%2525252525252FAccount%2525252525252FLogin%2525252525253FReturnUrl%2525252525253D%252525252525252FMyApplication%252525252525252FAccount%252525252525252FLogin%252525252525253FReturnUrl%252525252525253D%25252525252525252FMyApplication%25252525252525252FAccount%25252525252525252FLogin%25252525252525253FReturnUrl%25252525252525253D%2525252525252525252FMyApplication%2525252525252525252FAccount%2525252525252525252FLogin%2525252525252525253FReturnUrl%2525252525252525253D%252525252525252525252FMyApplication%252525252525252525252FAccount%252525252525252525252FLogin%252525252525252525253FReturnUrl%252525252525252525253D%25252525252525252525252FMyApplication%25252525252525252525252FAccount%25252525252525252525252FLogin%25252525252525252525253FReturnUrl%25252525252525252525253D%2525252525252525252525252FMyApplication%2525252525252525252525252FAccount%2525252525252525252525252FLogin%2525252525252525252525253FReturnUrl%2525252525252525252525253D%252525252525252525252525252FMyApplication%252525252525252525252525252FAccount%252525252525252525252525252FLogin%252525252525252525252525253FReturnUrl%252525252525252525252525253D%25252525252525252525252525252FMyApplication%25252525252525252525252525252FAccount%25252525252525252525252525252FLogin%25252525252525252525252525253FReturnUrl%25252525252525252525252525253D%2525252525252525252525252525252FMyApplication%2525252525252525252525252525252FAccount%2525252525252525252525252525252FLogin%2525252525252525252525252525253FReturnUrl%2525252525252525252525252525253D%252525252525252525252525252525252FMyApplication%252525252525252525252525252525252F

我从一个有效的解决方案(虽然没有基于角色的授权)到我当前破碎的情况所做的唯一改变是在成功登录时重定向到控制器上面添加以下内容：

[Authorize(Roles = "Staff")]

正如我之前所说,我登录的用户不是这个角色,但我希望在没有循环的情况下,理智,单一重定向到Login.

编辑：请求bu @dima,通过过滤器应用授权的详细信息……我有以下内容：

public class FilterConfig
{
    public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        filters.Add(new HandleErrorAttribute());
        filters.Add(new AuthorizeAttribute());
    }
}

但是,我已经测试了使用和不使用此行的应用程序,并且重定向循环继续有增无减.

@Html.Action("LeftNav","Home")