我知道在我的代码中导致Redirect循环的原因,我只是不确定如何解决它。首先,我的代码。
switch (Request.QueryString["Error_ID"])
{
case "1":
// Error Code 1 is when a user attempts to access the Admin section and does not have rights to.
MultiView1.ActiveViewIndex = 1;
break;
case "2":
// Error Code 2 is when a user is not currently Active.
MultiView1.ActiveViewIndex = 2;
break;
default:
// Default is View Index 0 for default access.
MultiView1.ActiveViewIndex = 0;
break;
}
// Get current username.
string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
// Test to see if user is Active.
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["HSEProjRegConnectionString1"].ConnectionString))
{
conn.Open();
using (SqlCommand cmd = new SqlCommand("SELECT [active] FROM [tbl_Person] WHERE username LIKE @username", conn))
{
cmd.Parameters.AddWithValue("@username", "%" + userName + "%");
var res = cmd.ExecuteScalar();
bool registeredAndActive = (bool)res;
if (registeredAndActive)
{
// Active Condition. The DEFAULT in SWITCH() will take care of displaying content.
}
else
{
// !Active Condition. Shows an alternative version of the default page where the user is told they do not have access.
Response.Redirect("default.aspx?Error_ID=2");
}
}
代码的要点是首先检查SWITCH()方法中的查询字符串,以防在后一页上提供一个查询字符串。然后它获取当前登录的AD用户名,然后检查用户数据库以查看用户是否标记为“活动”。如果是这样,它什么都不做,因为它将允许页面正常加载。如果没有,则它会重定向到同一页面,但会附加一个Error_ID,以便我可以显示另一个视图,说明该用户没有访问权限。我很确定这是重定向循环的来源。有没有人对如何消除Redirect Loop有任何想法?我尝试使用Request.Url.ToString()
然后使用!var.Contains
来执行重定向,但我也无法做到这一点。
编辑:我应该注意,我有兴趣听听是否有人有Response.Redirect()
的替代方案。它很有效,但最初我使用的是Response.End()
并且不允许任何代码运行,所以想出了使用Response.Redirect()
和QueryString
做我想做的事。
答案 0 :(得分:1)
您正在测试您的用户是否有效两次。此外,在第二次检查中,您将页面重定向到自身,从而继续进行检查。
您的第一张支票在这里:
switch (Request.QueryString["Error_ID"])
{
(...)
case "2":
// Error Code 2 is when a user is not currently Active.
MultiView1.ActiveViewIndex = 2;
break;
(...)
你的第二张支票就在这里:
if (registeredAndActive)
{
// Active Condition. The DEFAULT in SWITCH() will take care of displaying content.
}
else
{
// !Active Condition. Shows an alternative version of the default page where the user is told they do not have acces.
Response.Redirect("default.aspx?Error_ID=2");
}
所以第二次检查会将页面重定向到自身,并且它会一直循环。
最简单的解决方法是恕我直言,如果您的错误代码为“2”,则不会检查当前用户是否处于活动状态,即您可以:
1)如果Error_ID为2,则停止页面执行,即将第一次检查更改为:
case "2":
// Error Code 2 is when a user is not currently Active.
MultiView1.ActiveViewIndex = 2;
Response.End(); // <--- this will stop the execution before reaching the first block
break;
2)如果Error_ID为2,请不要再次重定向页面,即将第二次检查更改为:
if (registeredAndActive)
{
// Active Condition. The DEFAULT in SWITCH() will take care of displaying content.
}
else
{
// !Active Condition. Shows an alternative version of the default page where the user is told they do not have acces.
if (MultiView1.ActiveViewIndex != 2) { // check if the page has already been redirected
Response.Redirect("default.aspx?Error_ID=2");
}
}
恕我直言,解决方案2似乎是两个中最干净,最优雅的
答案 1 :(得分:1)
做这样的事情怎么样:
if(MultiView1.ActiveViewIndex != 2)
{
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["HSEProjRegConnectionString1"].ConnectionString))
{
conn.Open();
using (SqlCommand cmd = new SqlCommand("SELECT [active] FROM [tbl_Person] WHERE username LIKE @username", conn))
{
cmd.Parameters.AddWithValue("@username", "%" + userName + "%");
var res = cmd.ExecuteScalar();
bool registeredAndActive = (bool)res;
if (registeredAndActive)
{
// Active Condition. The DEFAULT in SWITCH() will take care of displaying content.
}
else
{
// !Active Condition. Shows an alternative version of the default page where the user is told they do not have acces.
Response.Redirect("default.aspx?Error_ID=2");
}
}
}
}
答案 2 :(得分:1)
如果查询字符串值(Error_ID)不是1或2,您只需要执行数据库检查。编写逻辑的方式,您将始终检查用户是否处于活动状态,如果不是,然后它会继续向页面发送Error_ID = 2查询字符串值,你将陷入循环。我建议将用于测试查询字符串的逻辑分离为单独的方法,并让它返回一个是否尝试在数据库中查询Active值的布尔值。