This page isn't redirecting properly error with MVC3 + AJAX + Forms Authentication

Question

EDIT: Removed non-relevant code/desc, since the issue was not just to do with the initial code there.

I have an MVC3 based application that uses a lot of Ajax calls (such as with jqGrid) and Forms Authentication. I also use the [Authorize] attribute on certain controller/actions that I call with Ajax in most cases. Every so often my application falls over with a 'This page isn't redirecting properly' or a 'this page has a redirect loop'.

I checked this out with fiddler. After logging in as a user and trying to access pages that require authentication, sometimes I get redirected to Account/LogOn which then goes into an infinite loop. This usually happens when I'm calling any controller/action with an Authorize attribute with an Ajax call. The application seems to send out a 302 redirect to Account/Logon. The Account/Logon call then seems to redirect to itself. And the textView on Fiddler shows the following.

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/Account/LogOn">here</a>.</h2>
</body></html>

I have the following in my Global.asax file

protected void Application_EndRequest()
        {
            var context = new HttpContextWrapper(this.Context);
            //if we are an ajax request and forms authentication caused a 302, then we actually need to do a 401
            if (System.Web.Security.FormsAuthentication.IsEnabled && context.Response.StatusCode == 302 && context.Request.IsAjaxRequest())
            {
                context.Response.Clear();
                context.Response.StatusCode = 401; 
            }
        }

And this in my main Layout page

<script type="text/javascript">
    $(document).ajaxError(function (xhr, props) {
        if (props.status == 401) {                
            location.reload();
        }
    });

</script>

My web.config setting for Forms authentication has this

<authentication mode="Forms">
      <forms loginUrl="~/Account/LogOn" timeout="2880"/>
    </authentication>

The redirect starts every so often and it is not with the same controller/action either. Just seems quite random. I am not sure if the cookie is expiry for the user and causing this issue for some reason or if it is an issue with the application pool recycling. Any suggestions on how to get around this would be most appreciated. Been struggling with this the last few days now, so any help from the experts will be great. Thank You

Answer 1

Please see the answer in the linked question. This was the resolution to my redirect loop problem. Thank you for all your inputs.

IIS Session timeout and Forms Authentication loop

Answer 2

decorate your action method with Authorize attribute to make it available to authenticated/logged in users, after that check user role.

Answer 3

I don't see a loop in the above code. But maybe in one of controller1 or controller2 you have a redirect back to this home/index action.

I would suggest to run fiddler while testing the site, when a redirect loop happens you can easily detect it there, and then it is easier to find out what's wrong with the code.