Search code examples
c#asp.netasp.net-mvc-4asp.net-identity

Using Html.Action causes query string too long error

I have a _LayoutView:

@{
    Layout = "~/Views/Shared/_NavLayout.cshtml";
}
@section styles
{
    @RenderSection("styles", required: false)
}
<div class="container" style="padding-top: 60px;">
    <div class="row">
        <div class="col-md-12">
              @Html.Action("AccountNavigation")  
        </div>
    </div>
    @RenderSection("InlineTitle", required:false)
    @RenderBody()
</div>


@section scripts {
    @Scripts.Render("~/bundles/jqueryval")
    @RenderSection("scripts", required: false)
}

That renders fine if I remove the 

 @Html.Action("AccountNavigation")

Otherwise I get:

404.15

The action method is:

 [ChildActionOnly]
    public ActionResult AccountNavigation()
    {
        var roles = UserManager.GetRoles(User.Identity.GetUserId());
        ViewBag.IsAdmin = roles.Contains("Admin");
        return PartialView("_AccountNavigatorPartial");
    }

And Ive tried stripping it back to just:

 [ChildActionOnly]
        public ActionResult AccountNavigation()
        {

            ViewBag.IsAdmin = false;
            return null; 
        }

But it makes no difference.

One of the child views that uses the layout is Login.

   [AllowAnonymous]
    public ActionResult Login(string returnUrl)
    {
        ViewBag.OidLoginFailed = false;
        ViewBag.ReturnUrl = returnUrl;
        return View();
    }

If I put a break piont in there I can see its being called multiple times per request and building up the ReturnUrl until it fails hence the error message. This is why I stripped back the AccountNavigation ActionMethod.

I thought maybe an anon request was causing a post back via some config setting that says if Anon redirect to Login and round and round it would go but I cant see where that is being triggered.

The account _AccountNavigatorPartial is just:

 <ul class="nav navbar-nav navbar-Left">
     <li>@Html.ActionLink("Manage Credentials", "Credentials", "Account", 
             routeValues: null, htmlAttributes: new { id = "credentialsLink" })</li>
     <li>@Html.ActionLink("Manage Profile", "Profile", "Account", 
             routeValues: null, htmlAttributes: new { id = "credentialsLink" })</li>
 </ul>

So all I'm trying to do is inject some html for account navigation. I'm using ASP.Identity for membership but I cant see how that makes any difference as I'm requesting an Anon accessible page.

Solution

  • It's hard to tell without seeing the controller and knowing how you are handling authorization, however, since your login page is using that Layout, you may be experiencing a circular call due to failure of authorization on you child action.

    Have you tried adding the attribute [AllowAnonymous] to your child action?