My current error handling URLs look rather ugly:
http://localhost:65089/Error/NotFound?aspxerrorpath=/Foo
Would rather have something like this:
http://localhost:65089/Error/NotFound
Web Config Code
<system.web>
<customErrors mode="On" defaultRedirect="~/Error/Unknown">
<error statusCode="404" redirect="~/Error/NotFound" />
</customErrors>
Error Controller
public class ErrorController : Controller
{
//
// GET: /Error/
public ActionResult Unknown()
{
return View();
}
public ActionResult NotFound()
{
return View();
}
}
Thanks in advance!
You can modify Application_Error method in your Global.asax:
protected void Application_Error(object sender, EventArgs e)
{ Exception ex = Server.GetLastError();
if(ex is HttpException && ((HttpException)ex).GetHttpCode()==404)
{
Response.Redirect("/Error/NotFound");
}
}
Related
I'm pulling a razor view's markup from the database, as detailed in this question:
ASP.NET MVC load Razor view from database
I can pull the view, but it fails on execution because ViewBag is not recognized.
CS0103: The name 'ViewBag' does not exist in the current context
Any suggestions?
Here's the source:
global:
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
System.Web.Hosting.HostingEnvironment.RegisterVirtualPathProvider(new BearForce.Web.Core.DbPathProvider());
RegisterGlobalFilters(GlobalFilters.Filters);
RegisterRoutes(RouteTable.Routes);
}
my path provider:
namespace BearForce.Web.Core
{
public class DbPathProvider : VirtualPathProvider
{
public DbPathProvider()
: base()
{
}
public override bool FileExists(string virtualPath)
{
var repo = new Repository();
var viewPage = repo.GetView(240, virtualPath);
if (base.FileExists(virtualPath))
{
return true;
}
if (viewPage != null)
{
return true;
}
return false;
}
public override VirtualFile GetFile(string virtualPath)
{
if (base.FileExists(virtualPath))
{
return base.GetFile(virtualPath);
}
var repo = new Repository();
var result = repo.GetView(240, virtualPath);
var vf = new DbVirtualFile(virtualPath, result.Markup);
return vf;
}
}
}
my Virtual File:
public class DbVirtualFile : System.Web.Hosting.VirtualFile
{
string _fileContents = string.Empty;
public DbVirtualFile(string path, string fileContents)
: base(path)
{
_fileContents = fileContents;
}
public override System.IO.Stream Open()
{
return new System.IO.MemoryStream(System.Text.ASCIIEncoding.ASCII.GetBytes(_fileContents));
}
}
My Controller:
public ActionResult Index()
{
ViewBag.Title = "aaah!!! Muppets!!! Help!!!!!";
return View();
}
Obviously, this is a proof of concept, so the names are all silly and the code sloppy as hell...
For future people who get this error, you can get this exact error if your web.config files are missing from your Views and your root project folder.
You should make sure that the view you are returning corresponds to a razor view. Here's a simplified working example:
public class CustomPathProvider : VirtualPathProvider
{
private class CustomVirtualFile : VirtualFile
{
public CustomVirtualFile(string path)
: base(path)
{ }
public override Stream Open()
{
return new MemoryStream(Encoding.UTF8.GetBytes("Hello #ViewBag.Name"));
}
}
public override bool FileExists(string virtualPath)
{
// This is very important: make sure that here you
// are returning true only for Razor view pages or
// you won't have ViewBag.
// In this oversimplified example we support
// the index view for the home controller
return virtualPath == "/Views/Home/Index.cshtml";
}
public override VirtualFile GetFile(string virtualPath)
{
return new CustomVirtualFile(virtualPath);
}
}
which would be registered in Application_Start:
protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
RegisterGlobalFilters(GlobalFilters.Filters);
RegisterRoutes(RouteTable.Routes);
HostingEnvironment.RegisterVirtualPathProvider(new CustomPathProvider());
}
and finally a sample controller:
public class HomeController : Controller
{
public ActionResult Index()
{
ViewBag.Name = "John";
return View();
}
}
And a final very important remark if you are implementing a custom VirtualPathProvider:
This doesn't work if your web application is precompiled. So if you are using precompilation (things like Publish... or Web Deployment Projects) your custom virtual path provider will never be used.
i have a project using ASP.Net MVC3 and using membership for roles. i use authorize in every controller.
eg:
[Authorize(Roles = "Administrator")]
public ActionResult Index(string q, int i)
{
return View(model);
}
if someone doesnt have role for administrator, then it will redirect to login page by default. how to change it,so it will redirect into Views/Shared/UnAuthorize.cshtml ? or maybe if someone doesnt have role for administrator, it will show message box (alert) ?
thanks in advance.
i solved my problem. i only do this :
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
public class MyAuthorize : AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
//you can change to any controller or html page.
filterContext.Result = new RedirectResult("/cpanel/roles/unauthorize");
}
}
and apply MyAuthorize to class or action:
[MyAuthorize]
public class AdminController :Controller
{
}
thats it.
Just change the page that have to be shown in the web.config (check that the route exists)
<authentication mode="Forms">
<forms loginUrl="~/UnAuthorize" timeout="2880" />
</authentication>
If you, instead, want to redirect to a specific path for every roles you can extend the AuthorizeAttribute with your own. Something like this (not tested, I write this to give you an idea)
public class CheckAuthorize : ActionFilterAttribute
{
public Roles[] Roles { get; set; }
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
//Your code to get the user
var user = ((ControllerBase)filterContext.Controller).GetUser();
if (user != null)
{
foreach (Role role in Roles)
{
if (role == user.Role)
return;
}
}
RouteValueDictionary redirectTargetDictionary = new RouteValueDictionary();
if user.Role==Role.Administrator
{
redirectTargetDictionary.Add("action", "Unauthorized");
redirectTargetDictionary.Add("controller", "Home");
}
else
{
redirectTargetDictionary.Add("action", "Logon");
redirectTargetDictionary.Add("controller", "Home");
}
filterContext.Result = new RedirectToRouteResult(redirectTargetDictionary);
}
}
Well, you can inherit from AuthorizeAttribute and override HandleUnauthorizedRequest which is responsible for redirection of unauhorized/unauthenticated requests. i think this question will be helpful to you
My own version, based on ntep vodka's:
public class CustomAuthorizeAttribute : AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if(IsUserAuthenticated(filterContext.HttpContext))
{
filterContext.Result = new RedirectResult("/Account/InvalidRole");
}
else
{
base.HandleUnauthorizedRequest(filterContext);
}
}
private bool IsUserAuthenticated(HttpContextBase context)
{
return context.User != null && context.User.Identity != null && context.User.Identity.IsAuthenticated;
}
}
This way I get standard redirect to login page for not authenticated users, and custom redirect for users that are authenticated but don't have the appropriate role for the action.
The code below helped and here is the reference in stackoverflow
ASP.NET MVC 4 custom Authorize attribute - How to redirect unauthorized users to error page?
public class CustomAuthorize: AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if(!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
base.HandleUnauthorizedRequest(filterContext);
}
else
{
filterContext.Result = new RedirectToRouteResult(new
RouteValueDictionary(new{ controller = "Error", action = "AccessDenied" }));
}
}
}
I use this method and it is very easy to implement.
Securing Asp.net MVC3
Change your default route to logon page in global.asax
I was thinking how to correctly secure JsonResult action with custom attribute instead of doing kind of this on each action like saying here ASP.NET MVC JsonResult and AuthorizeAttribute
if (!User.Identity.IsAuthenticated)
return Json("Need to login");
But the question is how could i create such attribute which would return Json.
So i've started from that:
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
public class JsonAuthorizeAttribute : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (httpContext == null)
{
throw new ArgumentNullException("httpContext");
}
IPrincipal user = httpContext.User;
if (!user.Identity.IsAuthenticated)
{
//?
}
//Need to return json somehow ?
}
}
Bot how i may return json result from such attribute? any ideas?
You can use an ActionFilterAttribute which allows you to return a result without using the httpcontext.response.write or anything.
public class JsonActionFilterAttribute : ActionFilterAttribute {
public override void OnActionExecuting(ActionExecutingContext filterContext) {
if (!HttpContext.Current.User.Identity.IsAuthenticated) {
filterContext.Result = new JsonResult() { Data = "Need to login." };
}
base.OnActionExecuting(filterContext);
}
}
1 way is to override AuthorizeAttribute.HandleUnauthorizedRequest
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
throw new CustomUnauthorizedException();
}
... And then in your Global.asax:
protected void Application_Error(object sender, EventArgs e)
{
Exception error = Server.GetLastError();
if (error is CustomUnauthorizedException) {
if (AjaxRequest(Request)) {
... return Json response.
} else {
... redirect
}
}
}
So you can throw the exception anywhere in your codebase and you've centralized the handling of that exception in Global.asax
Try this.. it works for me
protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
{
dynamic ResponseObj = new JObject();
ResponseObj.Message = "Authorization has been denied for this request.";
string jsonString = Newtonsoft.Json.JsonConvert.SerializeObject(ResponseObj);
actionContext.Response = new HttpResponseMessage
{
StatusCode = HttpStatusCode.Unauthorized,
Content = new StringContent(jsonString, System.Text.Encoding.UTF8,"application/json")
};
}
I am trying to setup database profiling with my ASP.NET MVC3 application. I have followed every blog I can find about this and the result is:
In web.config:
<system.data>
<DbProviderFactories>
<remove invariant="MvcMiniProfiler.Data.ProfiledDbProvider" />
<add name="MvcMiniProfiler.Data.ProfiledDbProvider" invariant="MvcMiniProfiler.Data.ProfiledDbProvider" description="MvcMiniProfiler.Data.ProfiledDbProvider" type="MvcMiniProfiler.Data.ProfiledDbProviderFactory, MvcMiniProfiler, Version=1.6.0.0, Culture=neutral, PublicKeyToken=b44f9351044011a3" />
</DbProviderFactories>
</system.data>
In Global.asax:
protected void Application_Start()
{
Bootstrapper.Run();
MiniProfiler.Settings.SqlFormatter = new SqlServerFormatter();
var factory = new SqlConnectionFactory(ConfigurationManager.ConnectionStrings["TemplateDB"].ConnectionString);
var profiled = new MvcMiniProfiler.Data.ProfiledDbConnectionFactory(factory);
Database.DefaultConnectionFactory = profiled;
}
protected void Application_BeginRequest()
{
if (Request.IsLocal) { MiniProfiler.Start(); }
}
protected void Application_EndRequest()
{
MiniProfiler.Stop();
}
In controller:
public ActionResult About()
{
var profiler = MiniProfiler.Current;
using (profiler.Step("call database"))
{
ProjectResult result = projectService.Create("slug");
return View();
}
}
I am using the repository patterns and my EF Code first lives in another project that is referenced by the MVC application.
My database class looks like:
public class Database : DbContext
{
public Database(string connection) : base(connection)
{
}
public DbSet<Project> Projects { get; set; }
protected override void OnModelCreating(DbModelBuilder modelBuilder)
{
modelBuilder.Entity<Project>().Property(p => p.Slug).IsUnicode().IsRequired().IsVariableLength().HasMaxLength(64);
}
public virtual void Commit()
{
base.SaveChanges();
}
}
My database factory looks like:
public class DatabaseFactory : Disposable, IDatabaseFactory
{
private readonly string connectionString;
private Database database;
public DatabaseFactory(string connectionString)
{
Check.Argument.IsNotNullOrEmpty(connectionString, "connectionString");
this.connectionString = connectionString;
}
public Database Get()
{
return database ?? (database = new Database(connectionString));
}
protected override void DisposeCore()
{
if (database != null)
database.Dispose();
}
}
When I run my application the profiler will not show any database profiling at all, just the regular execution time of the controller/view.
Any help is appreciated.
Thanks
Solved by installing the Nuget MiniProfiler and MiniProfiler.EF package. Add the following in the Global.asax
protected void Application_Start()
{
MiniProfilerEF.Initialize();
}
protected void Application_BeginRequest()
{
if (Request.IsLocal)
{
MiniProfiler.Start();
}
}
protected void Application_EndRequest()
{
MiniProfiler.Stop();
}
And finally add the below code to the head tage below JQuery of your markup.
#MvcMiniProfiler.MiniProfiler.RenderIncludes()
You're set. Works like a charm.
The notes for EF / Code First, state that your factory and other code must be run BEFORE any EF stuff, which leads me to suspect that installing this code in Application_Start is too late. Try creating a pre-start class, as follows:
[assembly: WebActivator.PreApplicationStartMethod(typeof(MyApp.App_Start.AppStart_MiniProfiler), "Start")]
namespace MyApp.App_Start
{
[INSERT using DECLARATIONS]
public static class AppStart_MiniProfiler
{
public static void Start()
{
Bootstrapper.Run();
MiniProfiler.Settings.SqlFormatter = new SqlServerFormatter();
var factory = new SqlConnectionFactory(ConfigurationManager.ConnectionStrings["TemplateDB"].ConnectionString);
var profiled = new MvcMiniProfiler.Data.ProfiledDbConnectionFactory(factory);
Database.DefaultConnectionFactory = profiled;
}
}
}
Create an App_Start folder in your project, and place this class in the App_Start folder.
I set custom error enable in Web.config:
<customErrors mode="On"/>
and, in Application_Start, put these:
protected void Application_Error(object sender, EventArgs e) {
var ex = Server.GetLastError().GetBaseException();
var routeData = new RouteData();
if (ex.GetType() == typeof(HttpException)) {
var httpException = (HttpException)ex;
var code = httpException.GetHttpCode();
routeData.Values.Add("status", code);
} else {
routeData.Values.Add("status", -1);
}
routeData.Values.Add("action", "Index");
routeData.Values.Add("controller", "Error");
routeData.Values.Add("error", ex);
IController errorController = new Kavand.Web.Controllers.ErrorController();
errorController.Execute(new RequestContext(new HttpContextWrapper(Context), routeData));
}
also I create an error controller like this:
public class ErrorController : Kavand.Web.Mvc.Kontroller
{
public ActionResult Index(int status, Exception error) {
Response.StatusCode = status;
HttpStatusCode statuscode = (HttpStatusCode)status;
return View(statuscode);
}
}
but, when an error occurred, the yellow-page shown, instead of my custom view! can everybody help me please?!
Thanks a lot, regards
Don't forget to clear the error in Application_Error after fetching it:
protected void Application_Error(object sender, EventArgs e)
{
var ex = Server.GetLastError().GetBaseException();
Server.ClearError(); // <-- that's what you are missing
var routeData = new RouteData();
...
}
Also it is important to remove the HandleErrorAttribute global attribute which is added in the RegisterGlobalFilters static method in Global.asax as you no longer need it.
You may also find the following answer useful.