This is a migrated thread and some comments may be shown as answers.
What to do when formsauthentication expires on ajax calls?
9 Answers 79 Views
This is a migrated thread and some comments may be shown as answers.
christopher willis
Top achievements
Rank 1
christopher willis asked on 13 Nov 2008, 08:44 PM

This affects lots of ajax functionality, but for this example, I'll use the ajax spell checker in the radeditor.    I had some users complain that the spell checker seemed to 'freak out' every now and then, and I traced it to this.

To reproduce, use forms authentication with a login URL and a short timeout of 1, (just so you don't have to wait long for this test).

 

        <authentication mode="Forms">  
            <forms name=".userauth" loginUrl="IC/Login.aspx" protection="All" timeout="1"/>  
        </authentication> 

 

 

 

 

Wait at least a minute then click on spell check.  You should get this JavaScript error:

Microsoft JScript runtime error: Sys.ArgumentException: Cannot deserialize. The data does not correspond to valid JSON.
Parameter name: data

This happens because the forms auth. timed out and the ajax request was redirected to the login page.  The login page is HTML and not JSON, so MS ajax throws the above error.  The spell checker is left onscreen and cannot be closed as both Finish and Cancel are disabled.

My question is: is there anything that can be done for this, like catching the error somehow, and throwing up a login dialog? 

What I have done in the past is ping the server every 10 minutes with JavaScript to keep formsauth. alive.  I'd like to avoid that technique if possible as it didn't seem to be reliable all the time, and it left users logged in too long.

Thanks

9 Answers, 1 is accepted

Sort by
0
Nikolay Raykov
Telerik team
answered on 17 Nov 2008, 03:37 PM
Hello Christopher,

There really exists such an issue. Here is a piece of code you can use to bypass the spell check error :

<script type="text/javascript">
Telerik.Web.UI.SpellCheckService.prototype.oldProcessResponse = Telerik.Web.UI.SpellCheckService.prototype._processResponse;
Telerik.Web.UI.SpellCheckService.prototype._processResponse = function(executor, args)
{
     try
     {
         this.oldProcessResponse(executor, args);
     }
     catch(e)
     {
         //Do some logic here, i.e. redirect to login page       
     }
}
</script>

We will fix this issue in the next release. Thank you for reporting it to us!

All the best,
Nikolay Raykov
the Telerik team

Check out Telerik Trainer, the state of the art learning tool for Telerik products.
0
christopher willis
Top achievements
Rank 1
answered on 17 Nov 2008, 04:49 PM
Thanks for the workaround for the spell checker. 
What would be nice perhaps is to protect all the various ajax calls made by the editor (and other controls) with some sort of OnClientAjaxError client side function that we could handle.  I could then throw up a login dependeding on what happened on the arguments to this function.
0
Nikolay Raykov
Telerik team
answered on 20 Nov 2008, 02:31 PM
Hello Christopher,

Thank you for your suggestion! We will consider it.

Sincerely yours,
Nikolay Raykov
the Telerik team

Check out Telerik Trainer, the state of the art learning tool for Telerik products.
0
christopher willis
Top achievements
Rank 1
answered on 30 Dec 2008, 03:14 PM
Will the next service pack have anything like I described above (like clientside events) to help deal with forms auth. timeouts on various ajax calls within the tools?
0
Nikolay Raykov
Telerik team
answered on 05 Jan 2009, 04:48 PM
Hi Christopher,

I am afraid that this functionality will not be part of Service Pack 2 for Q3 2008 release version which is scheduled for next week - we've had to postpone the implementation for one of the following updates because of other tasks with higher priority. I can assure you however that this implementation is in our ToDo list and we will provide it in one of the following updates.

For the time being you can continue to use the workaround that we gave you.


Regards,
Nikolay Raykov
the Telerik team

Check out Telerik Trainer, the state of the art learning tool for Telerik products.
0
christopher willis
Top achievements
Rank 1
answered on 06 Nov 2009, 07:26 PM
Hello,
Has expiring forms authentication for ajax calls (for example spell checker) been addressed yet?
0
Lini
Telerik team
answered on 12 Nov 2009, 08:19 AM
Hello,

The best way to handle expired form authentication is to add a <location> element in your web.config for the spell check handler URL and the dialog handler URL and set them to require no authentication. This way you will be able to access them at all times.

Regards,
Lini
the Telerik team

Instantly find answers to your questions on the new Telerik Support Portal.
Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
0
Amber
Top achievements
Rank 1
answered on 10 Dec 2010, 07:30 PM
Can you post an example of the config file tags?  I'm having the same problem every time I run the spell checker after upgrading from and older asp version to the latest asp.net ajax version.
0
Rumen
Telerik team
answered on 15 Dec 2010, 12:52 PM
Hi Amber,

You should add the following two <location> entries to the web.config:

<location path="Telerik.Web.UI.SpellCheckHandler.axd">
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</location>
<location path="Telerik.Web.UI.DialogHandler.aspx">
  <system.web>
    <authorization>
      <allow users="*"/>
    </authorization>
  </system.web>
</location


Kind regards,
Rumen
the Telerik team
Browse the vast support resources we have to jump start your development with RadControls for ASP.NET AJAX. See how to integrate our AJAX controls seamlessly in SharePoint 2007/2010 visiting our common SharePoint portal.
Asked by
christopher willis
Top achievements
Rank 1
Answers by
Nikolay Raykov
Telerik team
christopher willis
Top achievements
Rank 1
Lini
Telerik team
Amber
Top achievements
Rank 1
Rumen
Telerik team
Share this question
or