in asp.net what sets Request.IsAuthenticated = true [duplicate]
Asked Answered
H

1

10

Possible Duplicate:
asp.net membership IsApproved false but still allowing login

i am having a user register but IsApproved is false but when i check Request.IsAuthenticated it still returns true.

Do you know how this can happen?

Homogony answered 31/7, 2009 at 14:17 Comment(2)
#1213003Papaverine
I've asked the OP to delete his other question, since this one ended up being marked with an answer.Soelch
S
18

HttpRequest.IsAuthenticated returns true if HttpContext.User.Identity is not null and it's IsAuthenticated property returns true.

The current identity is set in the FormsAuthenticationModule, but it has nothing to do with your MembershipProvider. In fact, it doesn't even reference it. All it does is check to see if the authentication cookie is still set and is still valid (as is, has not expired).

I think the problem is that you are calling one of the FormsAuthentication methods like RedirectFromLoginPage, which is settings the authentication cookie. If you need to wait until the user is approved, then you need to make sure you are not setting the cookie.

Soelch answered 31/7, 2009 at 14:28 Comment(2)
thanks . . just realized that the form call was in the code after the membership success was trueHomogony
Please delete your other question - #1213003Soelch

© 2022 - 2024 — McMap. All rights reserved.