Hi,

I'm currently using RedirectToRouteResult as follows:

    public void OnAuthorization(AuthorizationContext filterContext)
    {
        User user = filterContext.HttpContext.Session["user"] as User;
        if (user == null || user.Role != expectedRole)
        {
            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary{ {"controller", _controller}, {"action", _action} });
        }
    }

This code is in my CheckLoginAttribute class.

I intend to use it as decorator on specific controller actions for example:

    [CheckLogin(RolesEnum.Member, "MyController", "MyAction")]
    public JsonResult GetNews()

So basically, I'm trying to short circuit a call to GetNews() and skip the execution of the action if the user is not logged on. If the user is not logged on then I want it to redirect to another action.

Will "RedirectToRouteResult" redirect to the appropriate action server side without having to do a big loop through the client side (like rewriting window url location or something like that)? Is that how it works?

Thanks for the help. Appreciated.

A: 

No - RedirectXXXResult always returns HTTP 302. This is not an equivalent of Server.Transfer().

Jakub Konecki

A: 

Well, I've figured it out on my own.

So basically, it wasn't "redirection" that I needed. I was looking at the wrong place to solve my problem. I knew that redirection meant that I'd have to make several client/server trips just to be able to return a json result and it didn't feel right.

It took me a while to realize that I can pass any type of result into filterContext.Result.

It's my fault. I wasn't asking the right question because I didn't completely understand the problem I was facing. After a lot of research it comes down to being really stupid.

Final solution is:

    using System.Web.Mvc;

    public class CheckLoginAttribute : AuthorizeAttribute, IAuthorizationFilter
    {
        // Role the session user must hold for the action to run.
        private RolesEnum expectedRole;

        public CheckLoginAttribute(RolesEnum role)
        {
            expectedRole = role;
        }

        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            User user = filterContext.HttpContext.Session["user"] as User;
            if (user == null || user.Role != expectedRole)
            {
                // Setting Result short-circuits the action: the JSON is returned
                // in the same response, with no redirect round trip.
                filterContext.Result = new JsonResult()
                {
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet,
                    Data = new LoginMessage() { IsValidLogin = false }
                };
            }
        }
    }

And now I can decorate my action methods with this:

    [CheckLogin(RolesEnum.Admin)]

A little bit more code to avoid ASP.NET Session stealing and I'm done.

I hope this will help someone out there. Thanks.

Tchi Yuan
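
A variant of the final solution above, as an added example that is not part of the original answer: it keeps the same session check and JSON body but places them in `AuthorizeCore` and `HandleUnauthorizedRequest`, so `AuthorizeAttribute`'s own `OnAuthorization` (including its output-cache validation) still runs. The stub `User`, `RolesEnum` and `LoginMessage` types and the 403 status code are assumptions.

```csharp
using System.Web;
using System.Web.Mvc;

// Minimal stand-ins for the poster's types (their real definitions are not on the page).
public enum RolesEnum { Member, Admin }
public class User { public RolesEnum Role { get; set; } }
public class LoginMessage { public bool IsValidLogin { get; set; } }

public class CheckLoginAttribute : AuthorizeAttribute
{
    private readonly RolesEnum expectedRole;

    public CheckLoginAttribute(RolesEnum role)
    {
        expectedRole = role;
    }

    // The decision only. AuthorizeAttribute calls this from OnAuthorization and
    // again from its output-cache validation callback, so a cached response is
    // not served to a caller who fails the check.
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // Session is null when session state is not available for the request
        // (for example during cache validation); treat that as "not logged in".
        User user = httpContext.Session == null
            ? null
            : httpContext.Session["user"] as User;
        return user != null && user.Role == expectedRole;
    }

    // The response for a failed check: no 302, the JSON body goes back in the
    // same response, with a status code that client script can test.
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        var response = filterContext.HttpContext.Response;
        response.StatusCode = 403;               // assumption: the page's version returns 200
        response.TrySkipIisCustomErrors = true;  // keep IIS from replacing the JSON body
        filterContext.Result = new JsonResult
        {
            JsonRequestBehavior = JsonRequestBehavior.AllowGet,
            Data = new LoginMessage { IsValidLogin = false }
        };
    }
}
```

The attribute is applied the same way, `[CheckLogin(RolesEnum.Admin)]`, and the action body is still skipped whenever `AuthorizeCore` returns false.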