1. 技术文章
  2. User.Identity.IsAuthenticated is false after successful login

User.Identity.IsAuthenticated is false after successful login

我的梦境 提交于 2019-11-27 01:48:07

问题


I need to get the UserId Guid directly after a successful login. The following code doesn't work:

if (Membership.ValidateUser(txtUsername.Value, txtPassword.Value))
{
    FormsAuthentication.SignOut();
    FormsAuthentication.SetAuthCookie(txtUsername.Value, true);

    if (HttpContext.Current.User.Identity.IsAuthenticated)
    {
        // doesn't run
        Guid puk = (Guid)Membership.GetUser().ProviderUserKey;            
    }
}

The following code does work:

if (Membership.ValidateUser(txtUsername.Value, txtPassword.Value))
{
    FormsAuthentication.SignOut();
    FormsAuthentication.SetAuthCookie(txtUsername.Value, true);

    MembershipUser user = Membership.GetUser(txtUsername.Value);

    if (user != null)
    {
        Guid puk = (Guid)user.ProviderUserKey;
    }
}

Why does this happen? Is there something more to do besides SetAuthCookie?


回答1:


Because when you call FormsAuthentication.SetAuthCookie(txtUsername.Value, true); you store the key on the client's cookies. For this you need to do a response to the user. And for HttpContext.Current.User.Identity to be filled with cookie you need one more request.

In short your scheme looks like this:

  1. Client sends his UserName and Password.

  2. Server gets and checks it. If they are valid the server sends Set-Cookie header to the client.

  3. Client receives and stores it. For each request client sends cookies back to the server.

UPDATE for @Jake

Adding an example of setting User in HttpContext

var identity = new System.Security.Principal.GenericIdentity(user.UserName);
var principal = new GenericPrincipal(identity, new string[0]);
HttpContext.Current.User = principal;
Thread.CurrentPrincipal = principal;

Note that you could create your custom principal class inheriting from GenericPrincipal or ClaimsPrincipal




回答2:


I had the same problem too. I forgot to set the web.config configuration.

Maybe you missed too.

   <system.web> 
    <authentication mode="Forms">
      <forms loginUrl="~/user/login" timeout="1000" name="__Auth" />
    </authentication>  
  </system.web>



回答3:


In my development environment case, requireSSL property was set to true, I fixed the problem by changing it to requireSSL = false.




回答4:


I tried all the above solutions ,but the thing that solves my problem was commenting this in web.config

 <modules>
  <remove name="FormsAuthentication"/>
 </modules>


来源:https://stackoverflow.com/questions/17642630/user-identity-isauthenticated-is-false-after-successful-login

标签
c#
ASP.NET
asp.net-membership
asp.net-4.5
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!