Set it up in the Application_EndRequest() method of the Global.asax
You can check to see if the request is an ajax request and also check if it is sending an HTTP redirect (302) if it is, then we actuall want to send a 401.
protected void Application_EndRequest() {
var context = new HttpContextWrapper(Context);
// If we're an ajax request, and doing a 302, then we actually need to do a 401
if (Context.Response.StatusCode == 302 && context.Request.IsAjaxRequest()) {
Context.Response.Clear();
Context.Response.StatusCode = 401;
}
}
Then in your client code, in a globally accessible area:
MyNamespace.handleAjaxError = function (XMLHttpRequest, textStatus, errorThrown) {
if (XMLHttpRequest.status == 401) {
// perform a redirect to the login page since we're no longer authorized
window.location.replace("logout path");
}
} else {
MyNamespace.displayGeneralError();
}
};
$.ajax({
type: "GET",
url: userAdmin.addUserActionUrl,
success: userAdmin.createUserEditorDialog,
error: MyNamespace.handleAjaxError
});