Error: Cannot redirect after HTTP headers have been sent

Posted by Santosh.Impossible under ASP.NET MVC on 7/25/2014 | Points: 10 | Views : 3554 | Status : [Member] | Replies : 0
Hi WebGurus,

I am working on mvc2 application which uses ADFS as authentication process. I have implemented a custom handler for monitoring the application parameters.
I have set the following code in the web.config file:
<add name="AppMonitorCheckHandler" verb="*" path="AppMonitor" type="Demo. Framework.Monitor.Web.AppMonitorCheckHttpHandler, Demo.Framework.Monitor"/>

<location path="AppMonitor">
<allow users="*"/>

The above handler is can be accessed by both authenticated as well as anonymous users.

Hence if any user tries to access the URL: he should be able to see the AppMonitor related pages.

But whenever user tries to access the URL: he gets an error:
System.Web.HttpException: Cannot redirect after HTTP headers have been sent.
System.Web.HttpException (0x80004005): Cannot redirect after HTTP headers have been sent.
at System.Web.HttpResponse.Redirect(String url, Boolean endResponse, Boolean permanent)
at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.RedirectToIdentityProvider(String uniqueId, String returnUrl, Boolean persist)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

On debugging the code, I saw that the Thread.CurrentPrincipal.Identity.IsAuthenticated is false and Thread.CurrentPrincipal is IClaimsPrincipal is true and hence the entire condition is false and is control is going out of the if condition and is giving the above mentioned error.

protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
if (Thread.CurrentPrincipal.Identity.IsAuthenticated && Thread.CurrentPrincipal is IClaimsPrincipal)
if (!((IClaimsPrincipal)Thread.CurrentPrincipal).Identities[0].Claims.Exists(c => c.ClaimType == "DemoUser_UserAuthorized")
|| !Convert.ToBoolean(((IClaimsPrincipal)Thread.CurrentPrincipal).Identities[0].Claims.Single(c => c.ClaimType == "DemoUser_UserAuthorized").Value))
//Avoid Redirection for static files (used in Access denied page)
List<string> staticcontentpaths = new List<string> { ".css", ".js", ".png", ".gif", ".jpg", ".jpeg", ".ico" };
string extension = Path.GetExtension(HttpContext.Current.Request.PhysicalPath).ToLower();
if (!staticcontentpaths.Contains(extension))

I have also added the following code in the Register

public static void RegisterRoutes(RouteCollection routes)


Can anyone help me resolve the above issue?

Thanks & Regards,
Santosh Kumar Patro

santosh kumar patro


(No response found.)

Login to post response