tags:

views:

129

answers:

1
Q: 

Custom Authorize attribute not working on expired ajax requests.

Hi. I have a custom authorize attribute on my controllers and it is not being called on expired ajax requests. I'm using forms authentication, and call controller methods via $.ajax (jQuery). The ajax request returns my login page and I don't seem to be able to intercept this.

Thank you.

UPDATE: I figured out why: I commented the authorization section in my web.config like follows:

  <authentication mode="Forms">
      <forms loginUrl="/Login" timeout="1" slidingExpiration="false"/>
    </authentication>
    <!--<authorization>
      <deny users="?"/>
    </authorization>-->

Now my authorization filter is being called even after expiration. Turns out that Web.config authorization rules take precedence over Authorize filters.

+3  A: 

Don't return 401 unauthorized. ASP.NET intercepts that and redirects to the login page defined in web.config. For AJAX, instead return something else, like 403.

Craig Stuntz  2009-10-29 14:47:38
For whatever reason AuthorizeCore (overriden) isn't even being called... I'm trying to figure out what could prevent it.
Valentin Vasiliev  2009-10-29 14:52:36
+1 Its awfull, that asp.net picks up the 401 and redirects automatically. This is a good answer!
Christian13467  2009-10-29 15:02:56

related questions

How do HttpOnly cookies work with AJAX requests?
ASP.NET JavaScript Callbacks Without Full PostBacks?
How to set encoding in .getJSON JQuery
Suggestions on Ajax development environment for PHP
Need to test an ajax timeout condition
XmlHttpRequest return values
Adobe AIR: Handling JSON objects from server
Best framework for implementing iGoogle or pageflakes (ASP.NET)
Is there some way to PUSH data from web server to browser?
Are there reasons not to use JSONP for AJA~X requests?
Minimize javascript HTTP calls from AjaxControlToolkit controls?
Only accepting certain ajax requests from authenticated users
ASP.net AJAX Drag/Drop?
Scrolling Overflowed DIVs with JavaScript
Speeding up an ASP.Net Web Site or Application
ICE Faces fileInput file path and file name properties
Ajax project suggestion.
Graphing JavaScript Library
Debugging: IE6 + SSL + AJAX + post form = 404 error
Best ajax library for Sharepoint
Can ASP.NET AJAX partial rendering work inside a SharePoint 2007 application page?
What is Progressive Enhancement?
Tracking state using ASP.NET AJAX / ICallbackEventHandler
Easy way to AJAX WebControls
Modify Address Bar URL in AJAX App to Match Current State