总是Request.IsAuthenticated如此。重击我错过什么？ [英] Request.IsAuthenticated always true. Wham am I missing?

问题描述

我想要的用户名添加到cookie并清除它注销，但 Request.IsAuthenticated 返回总是正确的，所以我无法知道它是否是一个成员还是不在下一个页面上。

I'm trying to add username to cookie and clear it on logouts but Request.IsAuthenticated returns always true so I'm not able to know if it is a member or not on the next page.

下面是我尝试：

 public void Logout()
    {
        FormsAuthentication.SignOut();
        Session.Abandon(); // trying everything...
    }



protected void signin_submit_Click(object sender, EventArgs e)
    {
        //checklogins...
        HttpCookie authCookie = FormsAuthentication.GetAuthCookie(username_top.Text, true);
    }

我是从javascript函数点击注销，并且它击中调试器，所以我敢肯定，它被调用。

I'm clicking the Logout from javascript function, and it hits the debugger so I'm sure that its being called.

我检查的价值的Page_Load ：

protected void Page_Load(object sender, EventArgs e)
    {
        bool isAuth = Request.IsAuthenticated; // always true !!!
        if (isAuth)
        {
            registeredDiv.Visible = true;
            guestDiv.Visible = false;
        }
    }

我在想什么？我怎么能知道，如果用户登录或不？

What am I missing? How can I know if the user is logged in or not?

编辑：我发现 authenticationMode 是在web.config中设置为Windows。

I found out that authenticationMode was set to Windows in web.config.

编辑它作为：

<authentication mode="Forms">

但现在它总是返回false。我试过后重定向到登录页面相同，但仍没​​有工作。任何想法？

But now it always returns false. I tried redirecting after login to same page yet still didn't work. Any ideas?

推荐答案

当你说你打调试器，通过JavaScript进行调用，你通过AJAX这样做呢？我想知道，你确实登出，但不能将用户重定向，这意味着用户必须有计算机上的cookie不会被覆盖/破坏这样，当他们下次请求页面时，它再次工作因为cookie仍然存在。

When you say that you are hitting the debugger and making the call through Javascript, are you doing this via ajax? I'm wondering that you are indeed signing out, but not redirecting the user, which means that the cookie the user has on there machine is not being overwritten/destroyed so that when they next request a page, it works again because the cookie still exists.

当用户点击您的网站上注销按钮，你真的需要他们重定向到一个新的页面，这样的饼干可以设置（或取消，因为它是）正确......这里的<一个href=\"http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.signout.aspx\">MSDN文章窗体身份验证Signout 及其例如code调用 RedirectToLoginPage（）将梳理饼干作为pviously提到的$ P $。

When the user hits your logout button on your site, you really need to have them redirect to a new page so that the cookies can be set (or unset as it were) properly...Here's the MSDN Article on Forms Authentication Signout and its example code calls RedirectToLoginPage() which will sort out the cookies as previously mentioned.

我发现 FireCookie Firebug的调试cookie的相关问题非常有帮助。

I've found FireCookie for Firebug really helpful in debugging cookie related issues.

修改结果
根据MSDN文章我联系：

Edit
According to the MSDN article I linked to:

您可以使用SignOut方法
  用结合
  登录1 RedirectToLoginPage方法
  用户并允许不同的用户
  登录。

You can use the SignOut method in conjunction with the RedirectToLoginPage method to log one user out and allow a different user to log in.

您code没有 RedirectToLoginPage 调用，所以只是打电话 FormsAuthentication.SignOut（） ISN ŧ足够的（除非你打算做手工RedirectToLoginPage工作）

Your code does not have RedirectToLoginPage called, so just calling FormsAuthentication.SignOut() isn't enough (unless you are going to manually do the work of RedirectToLoginPage)

编辑2 结果
也许改变你的登录按钮code使用此功能来代替：

Edit 2
Perhaps change your Sign In Button code to use this function instead:

FormsAuthentication.RedirectFromLoginPage(username_top.Text, true)

由于这将自动完成设置所有的cookie的东西...

As this will automatically take care of setting all the cookie stuff...

修改3 结果
很高兴你整理出来，上面的功能（编辑2）将刚才做你说你已经上（添加cookie来响应）...

Edit 3
Glad you sorted it out, The above function (edit 2) would have just done what you said you had missed out on (adding the cookie to the response)...

这篇关于总是Request.IsAuthenticated如此。重击我错过什么？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！