我正在尝试将会话已过期的用户重定向到登录页面,使用如下所示的操作过滤器:
public class SessaoFilterAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
string controllerName = filterContext.Controller.GetType().Name;
string actionName = filterContext.ActionDescriptor.ActionName;
if (filterContext.HttpContext.Session != null)
{
if (filterContext.HttpContext.Session["Autenticado"] == null)
{
if (!controllerName.Equals(typeof(LoginController).Name, StringComparison.InvariantCultureIgnoreCase)
|| (!actionName.Equals("Login", StringComparison.InvariantCultureIgnoreCase)
&& !actionName.Equals("Autenticar", StringComparison.InvariantCultureIgnoreCase)))
{
filterContext.Result =
new RedirectToRouteResult(
new RouteValueDictionary{
{ "controller", "Login" },
{ "action", "Login" }
});
}
}
}
base.OnActionExecuting(filterContext);
}
}
当处理base.OnActionExecuting(filterContext)时,firefox浏览器只接收这些答案,而不是重定向到登录页面:
GET (address)/Login/OpenChangePassword?_=1399920034730 200 OK 140ms jquery-1.7.1.js (line 8102) --> **The action that a Tried to call**
GET (address)/Scripts/jquery-1.7.1.js?_=1399920034951 200 OK 8ms jquery-1.7.1.js (line 8102)
GET (address)/maskedinput-1.1.2.pack.js?_=1399920035043 200 OK 3ms jquery-1.7.1.js (line 8102)
Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen. 0
Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen. 0
GET (address)/Scripts/jquery.dataTables.js?_=1399920035078 200 OK 7ms jquery-1.7.1.js (line 8102)
GET (address)/Scripts/select2.js?_=1399920035155 200 OK 14ms jquery-1.7.1.js (line 8102)
GET (address)/Scripts/select2_locale_pt-BR.js?_=1399920035213 200 OK 2ms jquery-1.7.1.js (line 8102)
GET (link)/Scripts/jquery-ui-1.8.20.js?_=1399920035238 200 OK 6ms jquery-1.7.1.js (line 8102)
GET (address)/Scripts/jquery.unobtrusive-ajax.js?_=1399920035339 200 OK 4ms jquery-1.7.1.js (line 8102)
GET (address)/Scripts/jquery.validate.js?_=1399920035368 200 OK 4ms jquery-1.7.1.js (line 8102)
GET (link)/Scripts/jquery.validate.unobtrusive.js?_=1399920035399 200 OK 2ms
这些.js
文件是我呈现给登录页面的文件。
有人可以帮忙吗?
韩国社交协会
答案 0 :(得分:0)
对于这种情况,我建议使用派生自AuthorizeAttribute的过滤器,然后覆盖AuthorizeCore方法。据我所知,这些过滤器在任何其他过滤器之前执行(包括从ActionFilterAttribute派生的过滤器,就像你的那样)。
我有一个类似你的场景,派生自AuthorizeAttribute为我做了这份工作。