FormsAuthentication.SetAuthCookie不[授权]在MVC 5 [英] FormsAuthentication.SetAuthCookie doesn't [Authorize] in MVC 5
问题描述
我创建了一个全新的ASP.NET MVC 5项目来测试与 FormsAuthentication.SetAuthCookie
[授权] 属性>。我只是在一个动作中设置一个cookie(在我的主页控制器):
I created a brand new ASP.NET MVC 5 project to test the [Authorize]
attribute with FormsAuthentication.SetAuthCookie
. I simply set a cookie in one action (in my Home controller):
public ActionResult About()
{
FormsAuthentication.SetAuthCookie("someUser", false);
和我限制进入另一个:
[Authorize]
public ActionResult Contact()
{
当我启动我的网页,并导航到 /首页/联系
,我正确地重定向到一个登录页面。然后我去 /首页/关于
,让我的饼干,并返回到联系人页面。但我仍然重定向到登录页面 - cookie不认证/授权我
When I launch my web page and navigate to /home/contact
, I am correctly redirected to a login page. Then I go to /home/about
, get my cookie, and go back to the contact page. But I'm still redirected to the login page -- the cookie does not authenticate/authorize me.
在调试器, HttpContext.User.Identity.IsAuthenticated ==虚假
当我加载关于页多次(也就是说,它从来没有看到我为是即使设置一个AUTH的cookie)经过验证的。
In the debugger, HttpContext.User.Identity.IsAuthenticated == false
when I load the About page multiple times (that is to say, it never sees me as being authenticated even after setting an auth cookie).
是否有必须在这里做了一些额外的步骤?我不应该需要设置自己的IPrincipal基本身份验证,要这样呢?
Is there some extra step that must be done here? I shouldn't need to set my own IPrincipal for basic authentication, should I?
推荐答案
从web.config中删除:
from web.config remove:
<modules>
<!--<remove name="FormsAuthenticationModule" />-->
</modules>
或simples删除线在web.config中
or simples remove the line in web.config
这篇关于FormsAuthentication.SetAuthCookie不[授权]在MVC 5的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!