locked
Session Timeout in MVC RRS feed

  • Question

  • User-476222264 posted

    Hi All,

    In my application, i use RedirectToAction() to Login page on session timeout. But, in case,  if i am in a page which has a partial view in it, then, the RedirectToAction() is called and the Login page is replaced instead of the partial page alone.

    But, i want to replace the whole page with Login page.

    I appreciate any help.

    Thanks

    Manikandan

    Monday, August 26, 2013 7:12 AM

Answers

  • User1779161005 posted

    Something like this (beware pseudo-code):

    public class MySessionFilter : AuthorizeAttribute
    {
        bool isChildAction;
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            isChildAction = filterContext.IsChildAction;
            base.OnAuthorization(filterContext);
        }
            
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (!isChildAction)
            {
                return httpContext.Session["Foo"] != null;
            }
    
            return true;
        }
    }
    


    And register it in your global filters collection.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, August 27, 2013 8:30 AM

All replies

  • User1779161005 posted

    Implement this logic as a global authorization filter and only execute if filterContext.IsChildAction == false.

    Monday, August 26, 2013 9:20 AM
  • User-474980206 posted

    if you are using ajax to fetch html fragments, it can not detect the redirect (unless you use you own ajax librray and turn off redirect support in XmlHttpRequest). your login action should detect that its an ajax call, then send back a header that the client code can detect (try 401, or a specific 500 error). then add some client code to detect the condition and redirect the page to the proper login page.

    you will run into a simular condition in json results. i always return a standardized result, that hass error, and redirect url properties.

     

    Monday, August 26, 2013 11:35 AM
  • User-476222264 posted

    Hi BrockAllen,

    Thanks for the reply. What you want me to execute after checking the condition?

    Actually, i have the OnActionExecuting() in BaseController, which checks for empty session.

    Thanks

    Manikandan

    Tuesday, August 27, 2013 1:02 AM
  • User1779161005 posted

    Something like this (beware pseudo-code):

    public class MySessionFilter : AuthorizeAttribute
    {
        bool isChildAction;
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            isChildAction = filterContext.IsChildAction;
            base.OnAuthorization(filterContext);
        }
            
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (!isChildAction)
            {
                return httpContext.Session["Foo"] != null;
            }
    
            return true;
        }
    }
    


    And register it in your global filters collection.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, August 27, 2013 8:30 AM