Asp.net mvc MVC3 401在POST请求后重定向时未经授权的响应
我正在使用ASP.NETMVC3编写一个RESTfulWeb服务。我分别使用基本的GET/POST/PUT映射来执行检索/创建/更新操作。它适用于我的一种域类型,但我正在为另一种类型执行完全相同的操作集,并且我从本地ASP.NET开发服务器收到401未经授权的响应 首先,这里是MyApiAreaRegistration.cs中RegisterArea方法的相关部分,其中创建了路由(为了简洁起见,我删除了更新方法): 在StudentController中:Asp.net mvc MVC3 401在POST请求后重定向时未经授权的响应,asp.net-mvc,json,asp.net-mvc-3,http,rest,Asp.net Mvc,Json,Asp.net Mvc 3,Http,Rest,我正在使用ASP.NETMVC3编写一个RESTfulWeb服务。我分别使用基本的GET/POST/PUT映射来执行检索/创建/更新操作。它适用于我的一种域类型,但我正在为另一种类型执行完全相同的操作集,并且我从本地ASP.NET开发服务器收到401未经授权的响应 首先,这里是MyApiAreaRegistration.cs中RegisterArea方法的相关部分,其中创建了路由(为了简洁起见,我删除了更新方法): 在StudentController中: /// <summary>
/// <summary>
/// return json representation of FamilyDto
/// </summary>
/// <param name="email"></param>
/// <returns></returns>
[HttpGet]
public ActionResult FamilyDetail(string email)
{
Family f = _studentDataAccess.GetFamilyByEmail(email.Trim());
if (f == null)
{
return HttpNotFound();
}
FamilyDto familyDto = FamilyDtoAssembler.GetDtoFromFamily(f);
return Json(familyDto, JsonRequestBehavior.AllowGet);
}
[HttpPost]
public ActionResult CreateFamily(FamilyDto familyDto)
{
if (string.IsNullOrWhiteSpace(familyDto.Email))
{
return new HttpStatusCodeResult(409, "Email address is required.");
}
// check for already existing family with that email.
Family f = _studentDataAccess.GetFamilyByEmail(familyDto.Email.Trim());
if (f != null)
{
return new HttpStatusCodeResult(409, "Email address must be unique.");
}
// turn family into a Family object with Parents
Family family = FamilyDtoAssembler.GetFamilyFromDto(familyDto);
// save family via dal (username = family email)
_studentDataAccess.CreateFamily(family, family.Email);
// return redirect to family detail
return RedirectToRoute("FamilyDetailV1", new { email = family.Email });
}
[HttpPost]
public ActionResult CreateStudent(string email, StudentDto studentDto)
{
if (string.IsNullOrWhiteSpace(email))
{
return HttpNotFound();
}
Family family = _studentDataAccess.GetFamilyByEmail(email.Trim());
if (family == null)
{
return HttpNotFound();
}
Student s = StudentDtoAssembler.GetStudentFromDto(_repository, studentDto);
s.Family = family;
_studentDataAccess.CreateStudent(s, email);
return RedirectToRoute("StudentDetailV1", new { email = email, id = s.Id });
}
[HttpGet]
public ActionResult StudentDetail(string email, int id)
{
Student s = _studentDataAccess.GetStudent(id);
if (s == null || s.Family.Email != email)
{
return HttpNotFound();
}
StudentDto studentDto = GeneralDtoAssembler.GetSingleStudentDto(s, s.MatsRegistrations);
return Json(studentDto, JsonRequestBehavior.AllowGet);
}
我已经尝试了我所能想到的一切,从在web.config中将身份验证模式从“Windows”更改为“None”,到重新排序路由,再到返回RedirectToAction而不是RedirectToRoute,但都没有效果。请注意,如果我只是从CreateStudent返回一个直接的Json结果,而不是RedirectToRoute结果,那么它工作正常(状态为200,我看到的结果很好)。然而,我不明白为什么CreateStudion和CreateFamily的行为有所不同,这已经让我发疯两天了。哈lp?问题在于学生路线中的静态URL段。我将
StudentDetailV1
更改为“MyApi/v1/family/{email}/{id}”
,现在它工作正常。问题在于学生路线中的静态URL段。我将StudentDetailV1
更改为“MyApi/v1/family/{email}/{id}”
,现在它工作正常。如果GET/MyApi/v1/family会发生什么/email@foo.com/学生/123
是否直接在浏览器中?StudentDetail
操作正在执行还是您正在获得401?是的,Darin,如果您直接通过Fiddler或浏览器请求,那么StudentDetail
操作将正确执行。我认为这需要15个代表来回答您自己的问题,所以,如果你能获得另一次投票,你应该能够。如果你get/MyApi/v1/family会发生什么/email@foo.com/学生/123
是否直接在浏览器中?StudentDetail
操作正在执行还是您正在获得401?是的,达林,如果您直接通过Fiddler或浏览器请求,则StudentDetail
操作将正确执行。我认为这需要15个代表来回答您自己的问题,因此,如果您能够获得另一次投票,您应该能够获得。
/// <summary>
/// return json representation of FamilyDto
/// </summary>
/// <param name="email"></param>
/// <returns></returns>
[HttpGet]
public ActionResult FamilyDetail(string email)
{
Family f = _studentDataAccess.GetFamilyByEmail(email.Trim());
if (f == null)
{
return HttpNotFound();
}
FamilyDto familyDto = FamilyDtoAssembler.GetDtoFromFamily(f);
return Json(familyDto, JsonRequestBehavior.AllowGet);
}
[HttpPost]
public ActionResult CreateFamily(FamilyDto familyDto)
{
if (string.IsNullOrWhiteSpace(familyDto.Email))
{
return new HttpStatusCodeResult(409, "Email address is required.");
}
// check for already existing family with that email.
Family f = _studentDataAccess.GetFamilyByEmail(familyDto.Email.Trim());
if (f != null)
{
return new HttpStatusCodeResult(409, "Email address must be unique.");
}
// turn family into a Family object with Parents
Family family = FamilyDtoAssembler.GetFamilyFromDto(familyDto);
// save family via dal (username = family email)
_studentDataAccess.CreateFamily(family, family.Email);
// return redirect to family detail
return RedirectToRoute("FamilyDetailV1", new { email = family.Email });
}
[HttpPost]
public ActionResult CreateStudent(string email, StudentDto studentDto)
{
if (string.IsNullOrWhiteSpace(email))
{
return HttpNotFound();
}
Family family = _studentDataAccess.GetFamilyByEmail(email.Trim());
if (family == null)
{
return HttpNotFound();
}
Student s = StudentDtoAssembler.GetStudentFromDto(_repository, studentDto);
s.Family = family;
_studentDataAccess.CreateStudent(s, email);
return RedirectToRoute("StudentDetailV1", new { email = email, id = s.Id });
}
[HttpGet]
public ActionResult StudentDetail(string email, int id)
{
Student s = _studentDataAccess.GetStudent(id);
if (s == null || s.Family.Email != email)
{
return HttpNotFound();
}
StudentDto studentDto = GeneralDtoAssembler.GetSingleStudentDto(s, s.MatsRegistrations);
return Json(studentDto, JsonRequestBehavior.AllowGet);
}
HTTP/1.1 401 Unauthorized
Server: ASP.NET Development Server/10.0.0.0
Date: Tue, 17 Apr 2012 16:42:10 GMT
X-AspNet-Version: 4.0.30319
jsonerror: true
Cache-Control: private
Content-Type: application/json; charset=utf-8
Content-Length: 105
Connection: Close
{"Message":"Authentication failed.","StackTrace":null,"ExceptionType":"System.InvalidOperationException"}