HttpContext.Current.User.Identity.IsAuthenticated返回false [英] HttpContext.Current.User.Identity.IsAuthenticated returns false

问题描述

我有一个奇怪的问题。

我有一个网页下面code。

I have a page with the following code.

if (!HttpContext.Current.User.Identity.IsAuthenticated)
    {
        Server.Transfer(@"~/Views/Public/Unauthorised.aspx");
        return;
    }

由于某些原因，有一个用户（以及我们已经把范围缩小到了单机和Windows登录配置文件）， IsAuthenticated 始终返回false。即使他登录到网站，可以浏览到需要经过身份验证的用户的其他页面。除了这一个页面。

For some reason, with one user (and we've narrowed it down to his single machine and windows logon profile), IsAuthenticated always returns false. Even though he is logged into the website, and can navigate to other pages that require authenticated user. Except this one page.

我们检查了机器接受所有Cookie，我们仍然得到同样的问题。我不知道在哪里可以从这里...任何建议？

We checked that the machine accepts all cookies and we still get the same issue. I'm not sure where to go from here... any suggestions?

推荐答案

有至少两个已知的情况下，可以使这种行为。

There are at least two known cases that can make this behavior.

第一种情况当您将 requireSSL =真正的关于的web.config ，你从非安全页面调用该函数。所以，仔细检查，如果页面是安全与否，如果你使用 requireSSL =真正的

First case when you have set requireSSL="true" on the Authentication session on web.config and you call that function from a non secure page. So double check if the page is secure or not, if you use the requireSSL="true"

Debug.Assert(Request.IsSecureConnection, "The IsAuthenticated will fail.");
if (!HttpContext.Current.User.Identity.IsAuthenticated)
{
    Server.Transfer(@"~/Views/Public/Unauthorised.aspx");
    return;
}

第二种情况：当你没有设置域=site.com再次在web.config里面认证会话，您尝试从 www.yoursitename.com 和其他从 yoursitename.com 请求cookie中的一次。在这种情况下，认证cookie是不同的，它将会失败。因此，设置等等在web.config中的参数。

Second case when you do not have set the domain="site.com" again on authentication session inside the web.config, and you try to request a cookie the one time from the www.yoursitename.com and the other from yoursitename.com. In that case the authentication cookies are different and it will fail. So set that parameter among others on web.config.

<authentication mode="Forms">
  <forms domain="yoursitename.com"  />
</authentication>

这篇关于HttpContext.Current.User.Identity.IsAuthenticated返回false的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！