The Request.IsAuthenticated is false when receive an ajax request in asp.net mvc

Question

I have a ASP.Net MVC5 application and it have running for several months. However, I have found some strange things today.

If I logged into this application and lay aside one page for an hour without any operation, and then I send an ajax request using JQuery to the server, on the server side, System.Web.HttpContext.Current.Request.IsAuthenticated is false.

However, if I send a "get" request not ajax request(e.g. just press F5 to refresh this page), the IsAuthenticated is true. I have check that the .AspNet.ApplicationCookie cookie is sent to the server correctly.

Why is the Request.IsAuthenticated false when receiving an ajax request?

Take a look on http://stackoverflow.com/questions/5258721/authorize-attribute-and-jquery-ajax-in-asp-net-mvc — Benjamin Abt, May 18 '16 at 21:32
Please show the code that you're using to send the ajax request. It sounds like the cookies aren't being sent with the ajax request, but are when the browser does a refresh. — Brendan Green, May 18 '16 at 21:48

score 0 · Answer 1 · edited May 23 '17 at 12:07

0

You have to include an Authorization header with the bearer token in the ajax call. Please see this reponse as an example, and don't forget the string 'Bearer ' before the token. I hope it helps.

edited May 23 '17 at 12:07

Community

1
1

answered May 18 '16 at 21:30

jumuro

1,517
15
17

score 0 · Answer 2 · answered May 19 '16 at 10:11

Thank you all!

I have found that I have misunderstood the Get request.In Fact, the Get request is expired too. Since I have SSO server, the browser just redirect to the SSO site and redirect back. That cause I thought the Get requst is not expired. I have set ExpireTimeSpan = TimeSpan.FromHourss(8) in app.UseCookieAuthentication and then this problem was fixed.

The Request.IsAuthenticated is false when receive an ajax request in asp.net mvc

2 Answers2