I have an MVC2 application that uses forms authorization and a session timeout. I use jquery ajax calls throughout my application in order to retrieve or submit data (in the form of partial views).
When a session times out, upon posting to the application, mvc2 returns a redirect, which prompts the browser to retrieve my login page, which it then embeds within the current page. This produced one view embedded within my current view, which is obviously undesirable. I attempted to implement the solution referred to in other posts on SO, which outline steps similar to the ones in this blog post: http://craftycodeblog.com/2010/05/15/asp-net-mvc-ajax-redirect/
However, perhaps because I’m using authorize annotations such as:
[Authorize(Roles = "Patient, Staff, Provider, Administrator")]
I find that the solution appears ineffective. Is anyone aware of a solution that will alter my C# response in a similar fashion as the one outlined in the blog post (returning a document.location redirect) that will work for authorize annotations?
I actually ended up using the solution described in this response:
More control on ASP.Net MVC's Authorize; to keep AJAX requests AJAXy
Unfortunately most of the posts dealing with the subject (including the one linked to by Clicktricity) seem to describe the solution, but with very little example code, and seem to favor modifying part of the request structure in global.asax, which I didn’t wish to do.