FormsAuthentication.SetAuthCookie不[授权]在MVC 5 [英] FormsAuthentication.SetAuthCookie doesn't [Authorize] in MVC 5

问题描述

我创建了一个全新的ASP.NET MVC 5项目来测试与 FormsAuthentication.SetAuthCookie [授权] 属性>。我只是在一个动作中设置一个cookie（在我的主页控制器）：

I created a brand new ASP.NET MVC 5 project to test the [Authorize] attribute with FormsAuthentication.SetAuthCookie. I simply set a cookie in one action (in my Home controller):

    public ActionResult About()
    {
        FormsAuthentication.SetAuthCookie("someUser", false);

和我限制进入另一个：

    [Authorize]
    public ActionResult Contact()
    {

当我启动我的网页，并导航到 /首页/联系，我正确地重定向到一个登录页面。然后我去 /首页/关于，让我的饼干，并返回到联系人页面。但我仍然重定向到登录页面 - cookie不认证/授权我

When I launch my web page and navigate to /home/contact, I am correctly redirected to a login page. Then I go to /home/about, get my cookie, and go back to the contact page. But I'm still redirected to the login page -- the cookie does not authenticate/authorize me.

在调试器， HttpContext.User.Identity.IsAuthenticated ==虚假当我加载关于页多次（也就是说，它从来没有看到我为是即使设置一个AUTH的cookie）经过验证的。

In the debugger, HttpContext.User.Identity.IsAuthenticated == false when I load the About page multiple times (that is to say, it never sees me as being authenticated even after setting an auth cookie).

是否有必须在这里做了一些额外的步骤？我不应该需要设置自己的IPrincipal基本身份验证，要这样呢？

Is there some extra step that must be done here? I shouldn't need to set my own IPrincipal for basic authentication, should I?

推荐答案

从web.config中删除：

from web.config remove:

<modules>
  <!--<remove name="FormsAuthenticationModule" />-->
</modules>

或simples删除线在web.config中

or simples remove the line in web.config

这篇关于FormsAuthentication.SetAuthCookie不[授权]在MVC 5的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！