在mvc4中的Global.asax中的会话超时重定向

时间:2014-01-30 16:35:26

标签: c# asp.net-mvc asp.net-mvc-3 asp.net-mvc-4 session-timeout

我正在尝试检测会话何时结束,然后在我的全局asax文件中完成此操作后将用户重定向到主页。

我正在使用下面的代码,我发现here

global.asax中:

protected void Session_Start()
    {
        if (Context.Session != null)
        {
            if (Context.Session.IsNewSession)
            {
                string sCookieHeader = Request.Headers["Cookie"];
                if ((null != sCookieHeader) && (sCookieHeader.IndexOf("ASP.NET_SessionId") >= 0))
                {
                    //intercept current route
                    HttpContextBase currentContext = new HttpContextWrapper(HttpContext.Current);
                    RouteData routeData = RouteTable.Routes.GetRouteData(currentContext);


                    //Substitute route Data Token Values for the Area
                    routeData.DataTokens["area"] = "";
                    routeData.DataTokens["UseNamespaceFallback"] = true;


                    //substitute route values
                    routeData.Values["controller"] = "home";
                    routeData.Values["action"] = "index";
                    routeData.Values.Add("timedOut", "true");
                    //routeData.Values["id"] = "timedOut";

                    IRouteHandler routeHandler = routeData.RouteHandler;
                    RequestContext requestContext = new RequestContext(currentContext, routeData);

                    IHttpHandler httpHandler = routeHandler.GetHttpHandler(requestContext);
                    httpHandler.ProcessRequest(Context);

                    Response.Flush();
                    Response.End();
                }
            }
        }
    }

我认为它没关系,因为它在开发环境中工作但是当我在我的服务器(IIS7)上尝试它时,我得到以下错误。

'HttpContext.SetSessionStateBehavior'只能在'HttpApplication.AcquireRequestState'之前调用

我已经使用here之类的链接识别了这个问题,但我无法让它发挥作用。我相信问题在下面的行中

IHttpHandler httpHandler = routeHandler.GetHttpHandler(requestContext);
                    httpHandler.ProcessRequest(Context);

但是我似乎无法让它在服务器上运行。有什么想法或建议吗?

1 个答案:

答案 0 :(得分:4)

您可以为您的控制器创建一个自定义操作过滤器来处理此问题:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Reflection;


namespace Web {


    public class SessionExpireFilterAttribute : ActionFilterAttribute {


        public override void OnActionExecuting( ActionExecutingContext filterContext ) {
            HttpContext ctx = HttpContext.Current;


            // check if session is supported
            if ( ctx.Session != null ) {


                // check if a new session id was generated
                if ( ctx.Session.IsNewSession ) {


                    // If it says it is a new session, but an existing cookie exists, then it must
                    // have timed out
                    string sessionCookie = ctx.Request.Headers[ "Cookie" ];
                    if ( ( null != sessionCookie ) && ( sessionCookie.IndexOf ( "ASP.NET_SessionId" ) >= 0 ) ) {


                        ctx.Response.Redirect ( "~/Home/Login" );
                    }
                }
            }


            base.OnActionExecuting ( filterContext );
        }
    }
}

然后,我会将此过滤器应用于我的Controller操作方法,如下所示:

 using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Web.Mvc;
    using System.Web.Mvc.Ajax;

    namespace Web.Controllers {

        public class HomeController : Controller {

            [SessionExpireFilter]
            public ActionResult Index( ) {
                // This method will not execute if our session has expired

                // render Home Page
                return View();
            }

            public ActionResult Login() {
                // render Login page
                return View();
            }
        }
    }