How does Request.IsAuthenticated work?

MSDN Code Sample Description: The following code example uses the IsAuthenticated property to determine whether the current request has been authenticated. If it has not been authenticated, the request is redirected to another page where users can enter their credentials into the Web application. This is a common technique used in the default page for an application.

This is great but no detail or anything...

What exactly is it checking for? How do I set it to true?

Go the extra mile: Where would I find more detailed documentation about this?

Thanks to Google, I found a cached version of the post @keyboardP refers to in his answer. I'm posting that answer/post here as a reference for others since the original link is broken (2012-12-06).

Original question that the answer below refers to:

I have a forms based application that is giving me fits. I noticed that, in a location where the IsAuthenticated property had been True, it was now false and the was not working as expected. I am wondering if I have a setting that is invalid??

Can anyone tell me what sets the IsAuthenticated property to True--what constitues logging in.

Answer by Daniel Kent:

Request.IsAuthenticated is not just for forms authentciation - it is valid no matter what type of authentication is being used (Windows, Passport, Forms or our own custom scheme)

HttpRequest.IsAuthenticated will be true when the user making the request has been authenticated. Essentially, this property provides the same information as Context.User.Identity.IsAuthenticated.

At the start of a request, Context.User.Idenity contains a GenericIdentity with a null username.

The IsAuthenticated property for this object will return false so Request.IsAuthenticated will be false. When an authentication module handles the Application_AuthenticateRequest event and successfuly authenticates the user it replaces the GenericIdentity in Context.User.Identity with a new IIdentity object that will return true from its IsAuthenticated property. Request.IsAuthenticated will then return true.

In the case of Forms authentication, the forms authentication module uses the encrypted authentication ticket contained in the authentication cookie to authenticate the user.

Once it has done this, it replaces the GenericIdentity in Context.User.Identity with a FormsIdentity object that returns True from its IsAuthenticated property.

So, setting IsAuthenticated to true is actually different to logging in.

As Jeff says, logging in to forms authentication happens when the authentication ticket is generated and sent to the client as a cookie.

(RedirectFromLoginPage or SetAuthCookie) What we are talking about with IsAuthenticated is authentication that happens with each page request.

Logging in happens when a user enters their credentials and is issued a ticket, authentication happens with each request.

How does Request.IsAuthenticated work?的更多相关文章

  1. MVC Request.IsAuthenticated一直false Request.Cookie获取不到cookie

    项目中,在做登录验证时,用到了cookie,同一账户登陆,可以.切换其他账号时,就在也登录不上了,用原来的也不行.检查Request.IsAuthenticated一直false,而且Request. ...

  2. 今天发现猎豹浏览器的一个大坑 Request.IsAuthenticated 一直为 false;另外附加原因以及临时的解决方法

    今天掉到了一个大坑里面,爬了1个多小时才发现不是代码的问题,居然是浏览器的问题… 下面是问题的发生过程 单点登陆  有2个站点  http://a.abc.com  http://b.abc.com ...

  3. Request.IsAuthenticated

    Original question that the answer below refers to: I have a forms based application that is giving m ...

  4. Asp.net MVC Form认证,IIS改成集成模式后,FormsAuthentication.SetAuthCookie无效,Request.IsAuthenticated值,始终为false,页面提示HTTP 错误 401.0 - Unauthorized,您无权查看此目录或页面

    最近公司领导要求,IIS网站要由经典模式改为集成模式,以提高性能.改完之后,登录成功跳转到主页之后,页面提示“”HTTP 错误 401.0 - Unauthorized“,“您无权查看此目录或页面”, ...

  5. 搞了我一下午竟然是web.config少写了一个点

    Safari手机版居然有个这么愚蠢的bug,浪费了我整个下午,使尽浑身解数,国内国外网站搜索解决方案,每一行代码读了又想想了又读如此不知道多少遍,想破脑袋也想不通到底哪里出了问题,结果竟然是web.c ...

  6. .NET Web的身份认证

    百度一下”asp.net身份认证“,你会得到很多相关的资料,这些资料通常上来就会介绍诸如”Form认证“”Windows认证“等内容,而没有给出一个完整的流程.初学者对此往往一头雾水,我也曾经被坑过很 ...

  7. 分享一个html+js+ashx+easyui+ado.net权限管理系统

    EasyUI.权限管理 这是个都快被搞烂了的组合,但是easyui的确好用,权限管理在项目中的确实用.一直以来博客园里也不少朋友分享过,但是感觉好的要不没源码,要不就是过度设计写的太复杂看不懂,也懒得 ...

  8. [转]Asp.Net 用户验证(自定义IPrincipal和IIdentity)

    本文转自:http://www.cnblogs.com/amylis_chen/archive/2012/08/02/2620129.html Default.aspx 页面预览 默认情况下SignI ...

  9. IIS配置域用户自动登录

    1.首先确定IIS所在计算机是否已添加到域中:右击计算机->属性,在计算机名称,域,工作组设置中可看到计算机所在的域,若没有,可点击更改设置,再点击更改,选择要绑定的域即可(需要用域账户登录). ...

随机推荐

  1. windows系统Android-sdk的下载与环境变量配置

    最近一段时间在做app的开发,作为前端而言,开发app并不像android工程师那样熟悉android开发:无论是使用cordova.js或者react-native开发都需要配置android开发环 ...

  2. javascript之ECMAScript:语法的操作标准

    一.如何书写一个javascript代码 javascript代码需要写在javascript标签中才会生效,而javascript标签可以写在任何地方,但考虑到规范化及页面的加载问题,最好是写在bo ...

  3. 【OF框架】框架Cache/Session在负载均衡部署时,切换Memory/Redis测试

    一.切换Memory/Redis 第一步:安装运行Redis服务,获得连接参数. 第二步:在appsettings.json中配置 EnableRedisCache 和 Redisconnection ...

  4. 关于日期格式yyyy-MM-dd和YYYY-MM-dd

    原文:https://blog.csdn.net/guotufu/article/details/85696296 开发的时候用到这个类进行日期的转换,想转换的日期格式为“YYYY/MM/dd”,结果 ...

  5. 软工作业-----Alpha版本第一周小结

            软工作业-----Alpha版本第一周小结   Part1.第一周周计划记录 姓名 学号 周前计划安排 每周工作记录 自我打分 yrz(队长) 1417 1.进行任务分析 2.任务分配 ...

  6. osi七层网络模型(一)

    在网络中OSI分为七层网络模型,怎么理解七层模型呢?简单理解我们的手机都有手机壳.屏幕.摄像头.电池.芯片等很多原件,每个原件都是由不同的 厂家生产,最终组装成了一部功能完整的手机,同样,在网络中,也 ...

  7. 实践论:github搜索源码内容

    github搜索源码内容 github搜索源码内容 github搜索源码内容

  8. 关于七牛云存储配置服务器CNAME的问题

    以前的图片什么的都存放在七牛云(免费的那款)上,七牛相比OSS就是只能创建bucket但不能创建文件夹,这个令人很烦.最近七牛发公告说存储文件的测试域名30天后不能使用了,那我那些存储的图片的所有外链 ...

  9. Linux 防火墙开放端口(有时不生效可能是没有保存、重启导致)

    原创 Centos7--防火墙(Firewall)开启常见端口命令 2018-05-22 20:19:51 午夜阳光psb 阅读数 7396更多 分类专栏: Linux 版权声明:本文为博主原创文章, ...

  10. SpringMVC返回类型

    7.SpringMVC的返回值类型和参数传递 1.SpringMVC的返回值类型 (1)ModelAndView返回值类型: 1.1当返回为null时,页面不跳转. 1.2当返回值没有指定视图名时,默 ...