
ASP.NET MVC3: Request.IsAuthenticate after a client-side $Ajax request

Published: 2020-12-16 09:38:03 Category: asp.Net Source: compiled from the web
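I am trying to check on the server whether the authentication has timed out; if Request.IsAuthenticated = false, I want to redirect the user to the LogOn page. But even after the authentication time has expired, it always gives me Request.IsAuthenticated = true, although when the application starts for the first time everything is all right and Request.IsAuthenticated = false.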

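I cannot check for a session timeout, because the home page permanently fetches data from the server, so I think the session will never time out.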

In Web.config:

<code>
    <authentication mode="Forms">
      <forms loginUrl="~/Account/LogOn" timeout="1" />
    </authentication>
</code>

On the server:

<code>
using System.Web;
using System.Web.Mvc;
using System.Web.Security;

public class CheckAuthorizeAndSessionAttribute : ActionFilterAttribute
{
    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        HttpContext ctx = HttpContext.Current;

        // check if the request carries a valid authentication ticket
        if (ctx.Request.IsAuthenticated)
        {
            // check if session is supported
            if (ctx.Session != null)
            {
                // check if a new session id was generated
                if (ctx.Session.IsNewSession)
                {
                    // If it says it is a new session, but an existing cookie exists, then it must
                    // have timed out
                    string sessionCookie = ctx.Request.Headers["Cookie"];
                    if (null != sessionCookie)
                    {
                        FormsAuthentication.SignOut();
                        //const string loginUrl = System.Web.Security.FormsAuthentication.LoginUrl;// Url.Action("LogOn","Account");
                        //var rr = new RedirectResult(loginUrl);
                        //filterContext.Result = rr;
                        string url = FormsAuthentication.LoginUrl;
                        filterContext.Result = new RedirectResult(url);
                    }
                }
            }
        }
        else
        {
            // not authenticated: send the browser to the logon page
            ctx.Response.Redirect(@"~/Account/LogOn");
            //ctx.Response.StatusCode = 302;
        }
        base.OnActionExecuting(filterContext);
    }
}
</code>

On the client:

<code>
$(document).ready(function () {
    //DELETE
    $("#ModifyBlock a").live("click", function () {
        var urlForGet = '';
        var urlAction = '';
        if ($(this).attr("id") == 'Delete') {
            urlForGet = '@Url.Action("Delete","Product")';
            urlAction = '@Url.Action("Delete","Product",new { id = "idClient",lockType = "typeLockClient" })';
        }
        if ($(this).attr("id") == 'Edit') {
            urlForGet = '@Url.Action("Edit","Product")';
            urlAction = '@Url.Action("Edit","Product",new { id = "idClient",lockType = "typeLockClient" })';
        }
        if ($(this).attr("id") == 'Detail') {
            urlForGet = '@Url.Action("Detail","Product")';
            urlAction = '@Url.Action("Detail","Product",new { id = "idClient",lockType = "typeLockClient" })';
        }
        $.ajax({
            url: urlForGet,
            type: 'GET',
            data: { id: $(this).attr("alt"), lockType: $("#SelTypesLock").attr("value") },
            dataType: 'json',
            proccessData: false, // sic: jQuery ignores this misspelled option
            contentType: 'application/json; charset=utf-8',
            statusCode: {
                200: function (data) {
                    alert('200: Authenticated');
                },
                401: function (data) {
                    alert('401: Unauthenticated');
                },
                // for error statuses the first callback argument is the XHR object
                550: function (xhr) {
                    alert('550: Unauthenticated');
                    $("#ErrorMesage").text(xhr.responseText);
                },
                660: function (data) {
                    alert('660: Redirect to Error View');
                    window.location.href = '@Url.Action("Error","Product")';
                }
            },
            success: function (data) {
                // fill the placeholders in the action URL, then navigate to it
                var url = urlAction;
                url = url.replace("idClient", data.Id);
                url = url.replace("typeLockClient", $("#SelTypesLock").attr("value"));
                window.location.href = url;
            },
            error: function (xmlHttpRequest, status, err) {
                $("#ErrorMesage").text(xmlHttpRequest.responseText);
            }
        });
    });
});
</code>

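Solution

You probably have the sliding expiration parameter set to true. What this does is measure the time since the last request against the parameter in web.config.

If your parameter is 1 minute and you make an Ajax call at 30 seconds, you will never be unauthenticated. Try turning sliding expiration off and it should work.

(Editor: 李大同)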
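The effect the answer describes, as an added example that is not part of the original question or answer: a simplified JavaScript model (not ASP.NET code) of a 60-second forms-authentication ticket, run with sliding expiration (the `slidingExpiration` attribute of `<forms>`) on and off. The function names, the request schedules, and the rule that a request renews the ticket only once it is at least halfway through its lifetime are assumptions of this model.

```javascript
// Simplified model of a forms-authentication ticket; all times are seconds since login.
// Assumption of this model: with sliding expiration on, a request renews the ticket
// only once the ticket is at least halfway through its lifetime.
function simulate(timeoutSec, sliding, requestTimes) {
  var ticket = { issued: 0, expires: timeoutSec };
  return requestTimes.map(function (t) {
    if (t >= ticket.expires) {
      // Ticket has lapsed: Request.IsAuthenticated would be false from here on.
      return { t: t, authenticated: false, renewed: false };
    }
    var age = t - ticket.issued;
    var remaining = ticket.expires - t;
    var renewed = sliding && age >= remaining;
    if (renewed) {
      ticket = { issued: t, expires: t + timeoutSec };
    }
    return { t: t, authenticated: true, renewed: renewed };
  });
}

// Request times for a page that polls the server every `everySec` seconds.
function poll(everySec, untilSec) {
  var times = [];
  for (var t = everySec; t <= untilSec; t += everySec) times.push(t);
  return times;
}

// Time of the first request seen as unauthenticated, or null if there was none.
function firstRejected(results) {
  for (var i = 0; i < results.length; i++) {
    if (!results[i].authenticated) return results[i].t;
  }
  return null;
}

// Constructed scenarios for timeout="1" (60 s), as in the question's Web.config.
var TIMEOUT = 60;
var scenarios = {
  // Background Ajax every 30 s keeps renewing the ticket for the whole 10 minutes.
  slidingPolled: firstRejected(simulate(TIMEOUT, true, poll(30, 600))),
  // Same traffic with sliding expiration off: the ticket ends at its fixed expiry.
  absolutePolled: firstRejected(simulate(TIMEOUT, false, poll(30, 600))),
  // A request in the first half of the lifetime does not extend a sliding ticket.
  slidingEarlyThenIdle: firstRejected(simulate(TIMEOUT, true, [20, 70]))
};
console.log(scenarios);
```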
