如何Request.IsAuthenticated工作？ [英] How does Request.IsAuthenticated work?

问题描述

MSDN code样品描述：下面的code示例使用IsAuthenticated属性来确定当前请求是否已经过身份验证。如果没有经过验证，该请求被重定向到另一个页面，在这里用户可以输入他们的凭据到Web应用程序。这是在默认页面用于一个应用程序的常用技术。

MSDN Code Sample Description: The following code example uses the IsAuthenticated property to determine whether the current request has been authenticated. If it has not been authenticated, the request is redirected to another page where users can enter their credentials into the Web application. This is a common technique used in the default page for an application.

这是伟大的，但没有任何细节或任何...

This is great but no detail or anything...

究竟它是什么检查？我该如何将它设置为true？

What exactly is it checking for? How do I set it to true?

走一英里：我会在哪里找到更多这方面的详细的文档

Go the extra mile: Where would I find more detailed documentation about this?

推荐答案

感谢谷歌，我发现后@keyboardP的缓存版本指的他的回答。我在这里张贴的答案/岗位作为其他基准，因为原来的链接被打破（2012年12月6日）。

Thanks to Google, I found a cached version of the post @keyboardP refers to in his answer. I'm posting that answer/post here as a reference for others since the original link is broken (2012-12-06).

<一个href=\"http://webcache.googleusercontent.com/search?q=cache:2Z_nRCatkYMJ%3awww.dotnet247.com/247reference/message.aspx?vote=bfbaf71d-8903-4a47-b0cf-18ff1db2693c&id=114539&threadid=305905%20&cd=2&hl=en&ct=clnk&lr=lang_en%7Clang_de%7Clang_pl\">Original问题的，下面的答案是指：

Original question that the answer below refers to:

我有一个是给我一个基于表单的应用程序适合。我注意到，在
其中IsAuthenticated属性已经真正的位置，这是现在
假，如预期的那样是行不通的。我想知道如果我有一个
设置，是无效的？

I have a forms based application that is giving me fits. I noticed that, in a location where the IsAuthenticated property had been True, it was now false and the was not working as expected. I am wondering if I have a setting that is invalid??

谁能告诉我什么设置IsAuthenticated属性为True - 什么
constitues登录。

Can anyone tell me what sets the IsAuthenticated property to True--what constitues logging in.

由丹尼尔·肯特答：

Request.IsAuthenticated 不只是形式authentciation - 它是有效的
无论使用的是什么类型的身份验证（在Windows，护照，
表格或自己的自定义方案）

Request.IsAuthenticated is not just for forms authentciation - it is valid no matter what type of authentication is being used (Windows, Passport, Forms or our own custom scheme)

的Htt prequest.IsAuthenticated 当用户发出请求将是真实的
已经被验证。从本质上讲，这个属性提供了相同的
信息 Context.User.Identity.IsAuthenticated 。

HttpRequest.IsAuthenticated will be true when the user making the request has been authenticated. Essentially, this property provides the same information as Context.User.Identity.IsAuthenticated.

在请求的开始， Context.User.Idenity 包含 GenericIdentity
使用空用户名。在 IsAuthenticated 属性这个对象
返回假所以 Request.IsAuthenticated 将假。当
认证模块处理 Application_AuthenticateRequest 事件
successfuly验证它取代了用户的 GenericIdentity 中
Context.User.Identity 用新的的IIdentity 对象，将返回真正从
其 IsAuthenticated 属性。 Request.IsAuthenticated 然后返回真正。

At the start of a request, Context.User.Idenity contains a GenericIdentity with a null username. The IsAuthenticated property for this object will return false so Request.IsAuthenticated will be false. When an authentication module handles the Application_AuthenticateRequest event and successfuly authenticates the user it replaces the GenericIdentity in Context.User.Identity with a new IIdentity object that will return true from its IsAuthenticated property. Request.IsAuthenticated will then return true.

在Forms身份验证，窗体身份验证模块使用的情况下，
包含在身份验证Cookie加密身份验证票证
认证用户。一旦它做到了这一点，它取代了
GenericIdentity 在 Context.User.Identity 与 FormsIdentity 对象那
返回真从 IsAuthenticated 属性。

In the case of Forms authentication, the forms authentication module uses the encrypted authentication ticket contained in the authentication cookie to authenticate the user. Once it has done this, it replaces the GenericIdentity in Context.User.Identity with a FormsIdentity object that returns True from its IsAuthenticated property.

所以，设置 IsAuthenticated 到真正是实际上是不同的伐木作为
杰夫说，在登录窗体身份验证时会发生
认证券被产生并发送至客户端作为cookie。
（ RedirectFromLoginPage 或 SetAuthCookie ）我们正在谈论与
IsAuthenticated 是认证与每个页面请求发生。
当用户输入他们的凭据，并发出登录情况
票，认证情况与每个请求。

So, setting IsAuthenticated to true is actually different to logging in. As Jeff says, logging in to forms authentication happens when the authentication ticket is generated and sent to the client as a cookie. (RedirectFromLoginPage or SetAuthCookie) What we are talking about with IsAuthenticated is authentication that happens with each page request. Logging in happens when a user enters their credentials and is issued a ticket, authentication happens with each request.

这篇关于如何Request.IsAuthenticated工作？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！