在 asp.net 中设置 Request.IsAuthenticated = true
我有一个用户注册,但 IsApproved 为 false,但当我检查 Request.IsAuthenticated 时,它仍然返回 true。
你知道这是怎么发生的吗?
Possible Duplicate:
asp.net membership IsApproved false but still allowing login
i am having a user register but IsApproved is false but when i check Request.IsAuthenticated it still returns true.
Do you know how this can happen?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
HttpRequest.IsAuthenticated 返回 true,如果HttpContext.User.Identity 不为 null,并且其 IsAuthenticated 属性返回 true。
当前身份在 FormsAuthenticationModule,但这与你的MembershipProvider无关。 事实上,它甚至没有引用它。 它所做的只是检查身份验证 cookie 是否仍然设置并且仍然有效(按原样,尚未过期)。
我认为问题是您正在调用 FormsAuthentication 方法,例如 RedirectFromLoginPage,其中是设置身份验证cookie。 如果您需要等到用户获得批准,那么您需要确保您没有设置 cookie。
HttpRequest.IsAuthenticated returns true if HttpContext.User.Identity is not null and it's IsAuthenticated property returns true.
The current identity is set in the FormsAuthenticationModule, but it has nothing to do with your MembershipProvider. In fact, it doesn't even reference it. All it does is check to see if the authentication cookie is still set and is still valid (as is, has not expired).
I think the problem is that you are calling one of the FormsAuthentication methods like RedirectFromLoginPage, which is settings the authentication cookie. If you need to wait until the user is approved, then you need to make sure you are not setting the cookie.