tags:

views:

181

answers:

3
Q: 

Set authentication as true for the view of the control that performs the authentication in ASP.Net MVC

In the authentication control I have the following line to mark a user as authenticated in the system (after checking out the password):

FormsAuth.SignIn(userName, rememberMe);

and if I redirect, which is the standard behvaior, everything is ok. But if I show a view right away, the usual ways to check whether a user is authenticated:

Page.User.Identity.IsAuthenticated
Request.IsAuthenticated

don't work. They say the user is not authenticate. How can I make the authentication effective immediately or is there another way to check that would allow me to find out when the user just logged in?

A: 

On your Controllers, you should be able to use the following to check if they're authenticated. 

User.Identity.IsAuthenticated;

I would check to make sure that your AccountController is properly saving the Principal object as you move from page to page.

mbmccormick  2009-06-01 20:57:59
+3  A: 

FormsAuth.SignIn is a function which is generated when you create a new ASP.NET MVC project from Visual Studio.

That function simply calls FormsAuthentication.SetAuthCookie, which according to the docs, sets the authentication cookie in the response.

This explains why it works if you redirect (because the client will play back the cookie in the subsequent request), but not right after the call.

Redirecting is the right/conventional way to do this, but if you absolutely insist on checking authentication before a redirect, then you could create an IsAuthenticated flag in session state and refer to that when checking.

DSO  2009-06-01 21:30:44
A: 

In addition to using the FormsAuth.Signin or FormsAuthentication.SetAuthCookie, you can also set the User.Identity manually in your sign-in control when the sign-in code executes. As written above, the reason is because the FOrmsAuth.SignIn simply sets the authentication cookie to be picked up next time in the Request_OnAuthenticate event. (Which simply decodes the cookie and sets the HttpContext.User property)

Eric Falsken  2010-10-11 02:19:20

related questions

How do I write Firefox add-on that automatically enters proxy passwords?
Login Integration in PHP
Strange Rails Authentication Issue
Concurrent logins in a web farm
Is there a browser equivalent to IE's ClearAuthenticationCache?
How can I authenticate using client credentials in WCF just once?
Why can't I connect to my CAS server with Perl's AuthCAS?
Best Solution For Authentication in Ruby on Rails
Authenticate on an ASP.Net Forms Authorization website from a console app
How do I use NTLM authentication with Active Directory
What have you used Windows CardSpace for, if anything
Forms Authentication across Applications
Retreiving the PC Name of a Client? (Windows Auth)
How would you implement FORM based authentication without a backing database?
What's the best way to authenticate over WCF?
Only accepting certain ajax requests from authenticated users
OpenID authentication in Ruby on Rails
OpenID Attribute Exchange - should I use it?
OpenID: which provider should I recommend to my users?
What to use for login ID?
ASP.NET authentication: user name Vs User ID
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Checklist for IIS 6/ASP.NET Windows Authentication?
The Definitive Guide To Website Authentication