C# User.Identity.IsAuthenticated 登录成功后为false
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17642630/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
User.Identity.IsAuthenticated is false after successful login
提问by user982119
I need to get the UserId Guid directly after a successful login. The following code doesn't work:
我需要在成功登录后直接获取 UserId Guid。以下代码不起作用:
if (Membership.ValidateUser(txtUsername.Value, txtPassword.Value))
{
FormsAuthentication.SignOut();
FormsAuthentication.SetAuthCookie(txtUsername.Value, true);
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
// doesn't run
Guid puk = (Guid)Membership.GetUser().ProviderUserKey;
}
}
The following code does work:
以下代码确实有效:
if (Membership.ValidateUser(txtUsername.Value, txtPassword.Value))
{
FormsAuthentication.SignOut();
FormsAuthentication.SetAuthCookie(txtUsername.Value, true);
MembershipUser user = Membership.GetUser(txtUsername.Value);
if (user != null)
{
Guid puk = (Guid)user.ProviderUserKey;
}
}
Why does this happen? Is there something more to do besides SetAuthCookie?
为什么会发生这种情况?除此之外还有什么可做的SetAuthCookie吗?
采纳答案by Oleksii Aza
Because when you call FormsAuthentication.SetAuthCookie(txtUsername.Value, true);you store the key on the client's cookies. For this you need to do a response to the user.
And for HttpContext.Current.User.Identityto be filled with cookie you need one more request.
因为当您调用时,FormsAuthentication.SetAuthCookie(txtUsername.Value, true);您会将密钥存储在客户端的 cookie 中。为此,您需要对用户进行响应。而对于HttpContext.Current.User.Identity被填充的cookie,你需要多一个请求。
In short your scheme looks like this:
简而言之,您的方案如下所示:
Client sends his UserName and Password.
Server gets and checks it. If they are valid the server sends
Set-Cookieheader to the client.Client receives and stores it. For each request client sends cookies back to the server.
客户发送他的用户名和密码。
服务器获取并检查它。如果它们有效,服务器将向
Set-Cookie客户端发送标头。客户端接收并存储它。对于每个请求,客户端将 cookie 发送回服务器。
UPDATE for @Jake
更新@Jake
Adding an example of setting Userin HttpContext
添加设置的一个例子User在HttpContext
var identity = new System.Security.Principal.GenericIdentity(user.UserName);
var principal = new GenericPrincipal(identity, new string[0]);
HttpContext.Current.User = principal;
Thread.CurrentPrincipal = principal;
Note that you could create your custom principal class inheriting from GenericPrincipalor ClaimsPrincipal
请注意,您可以创建您的自定义主体类继承自GenericPrincipal或ClaimsPrincipal
回答by cihancoskun
I had the same problem too. I forgot to set the web.config configuration.
我也有同样的问题。我忘了设置 web.config 配置。
Maybe you missed too.
也许你也错过了。
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/user/login" timeout="1000" name="__Auth" />
</authentication>
</system.web>
回答by Musab
I tried all the above solutions ,but the thing that solves my problem was commenting this in web.config
我尝试了上述所有解决方案,但解决我的问题的方法是在 web.config 中对此进行评论
<modules>
<remove name="FormsAuthentication"/>
</modules>
回答by doganak
In my development environment case, requireSSL property was set to true, I fixed the problem by changing it to requireSSL = false.
在我的开发环境案例中,requireSSL 属性设置为 true,我通过将其更改为requireSSL = false.
