ASP.NET MVC自定义操作筛选器不重定向

时间:2014-05-12 19:29:17

标签: asp.net-mvc http-redirect action-filter custom-action-filter

我正在尝试将会话已过期的用户重定向到登录页面,使用如下所示的操作过滤器:

public class SessaoFilterAttribute : ActionFilterAttribute
    {
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            string controllerName = filterContext.Controller.GetType().Name;
            string actionName = filterContext.ActionDescriptor.ActionName;
            if (filterContext.HttpContext.Session != null)
            {
                if (filterContext.HttpContext.Session["Autenticado"] == null)
                {
                  if (!controllerName.Equals(typeof(LoginController).Name, StringComparison.InvariantCultureIgnoreCase)
                  || (!actionName.Equals("Login", StringComparison.InvariantCultureIgnoreCase) 
                  && !actionName.Equals("Autenticar", StringComparison.InvariantCultureIgnoreCase)))
                    {
                        filterContext.Result = 
                          new RedirectToRouteResult(
                             new RouteValueDictionary{
                                     { "controller", "Login" },
                                     { "action", "Login" }
                             });
                    }
                }
            }
            base.OnActionExecuting(filterContext);
        }
    }

当处理base.OnActionExecuting(filterContext)时,firefox浏览器只接收这些答案,而不是重定向到登录页面:

GET (address)/Login/OpenChangePassword?_=1399920034730 200 OK 140ms  jquery-1.7.1.js (line 8102) --> **The action that a Tried to call**

GET (address)/Scripts/jquery-1.7.1.js?_=1399920034951  200 OK 8ms        jquery-1.7.1.js (line 8102)

GET (address)/maskedinput-1.1.2.pack.js?_=1399920035043 200 OK 3ms  jquery-1.7.1.js (line 8102)

Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen. 0

Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen. 0

GET (address)/Scripts/jquery.dataTables.js?_=1399920035078 200 OK 7ms   jquery-1.7.1.js (line 8102) 

GET (address)/Scripts/select2.js?_=1399920035155 200 OK 14ms    jquery-1.7.1.js (line 8102)

GET (address)/Scripts/select2_locale_pt-BR.js?_=1399920035213 200 OK 2ms jquery-1.7.1.js (line 8102)

GET (link)/Scripts/jquery-ui-1.8.20.js?_=1399920035238 200 OK 6ms jquery-1.7.1.js (line 8102)

GET (address)/Scripts/jquery.unobtrusive-ajax.js?_=1399920035339 200 OK 4ms jquery-1.7.1.js (line 8102)

GET (address)/Scripts/jquery.validate.js?_=1399920035368 200 OK 4ms jquery-1.7.1.js (line 8102)

GET (link)/Scripts/jquery.validate.unobtrusive.js?_=1399920035399 200 OK 2ms

这些.js文件是我呈现给登录页面的文件。

有人可以帮忙吗?

韩国社交协会

1 个答案:

答案 0 :(得分:0)

对于这种情况,我建议使用派生自AuthorizeAttribute的过滤器,然后覆盖AuthorizeCore方法。据我所知,这些过滤器在任何其他过滤器之前执行(包括从ActionFilterAttribute派生的过滤器,就像你的那样)。

我有一个类似你的场景,派生自AuthorizeAttribute为我做了这份工作。

相关问题
最新问题