Home/ Questions/Q 916787
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-15T18:06:15+00:00

I’m fetching a partial view via $.ajax() and in the situation where you set

  • 0

I’m fetching a partial view via $.ajax() and in the situation where you set idle for 30 minutes and then try to fetch that partial view, the forms authentication has timed out and instead of getting my partial view returned to me, I’m getting the login page render into my .

Any suggestions on how to deal with a situation like this?

Thank you.

$(function () {
    $("#addContact").click(function () {
        $.get('/Contacts/Add', function (data) {
            $("#content").html(data);  <--gets login page as data
        });
    });
});
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Does your Add Action have any non-Ajax consumers? If not, I’d suggest removing the [Authorize] attribute from the action, which would remove the timeout-redirect problem. (If you have your entire controller decorated with [Authorize], you’d need to remove the controller-level attribute and adorn all of your other actions. Annoying, I know).

    For extra security, you could then do something like this to prevent non-Ajax calls from calling your Add action.

        public ActionResult Add()
    {
        if (Request.IsAjaxRequest())
            return View("Error");

        return View();
    }

    If, on the other hand, your Add action needs to support Ajax and normal calls, one way you can address this issue is to create a new Attribute class that inherits from and overrides AuthorizeAttribute. Check out the source for guidance: http://aspnet.codeplex.com/SourceControl/changeset/view/23011#266447

    You should be able to do the trick by overriding the AuthorizeCore method, like so

    public class AjaxAuthorizeAttribute: AuthorizeAttribute
{
    protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
    {
        if (httpContext.Request.IsAjaxRequest())
            return true;

        return base.AuthorizeCore(httpContext);
    }
}

    Now you can use [AjaxAuthorize] on your controller and/or action.

    To be clear, what you’re doing here is giving the user an extension on their timeout if they initiate a call via Ajax. Once they refresh the page, or navigate away, they would be prompted to log back in, as normal.

    Hope that helps. Let me know if you run into any issues.

    • 0