问题描述

可能重复：结果
  asp.net会员IsApproved假，但仍允许登录

我有一个用户注册，但IsApproved是假的，但是当我检查Request.IsAuthenticated它仍然返回true。

i am having a user register but IsApproved is false but when i check Request.IsAuthenticated it still returns true.

你知道怎么会发生这种情况？

Do you know how this can happen?

推荐答案

<一个href=\"http://msdn.microsoft.com/en-us/library/system.web.htt$p$pquest.isauthenticated%28loband%29.aspx\">Htt$p$pquest.IsAuthenticated如果HttpContext.User.Identity不为空，它的IsAuthenticated属性返回true返回true。

HttpRequest.IsAuthenticated returns true if HttpContext.User.Identity is not null and it's IsAuthenticated property returns true.

目前的身份是在FormsAuthenticationModule,但它无关，与你的MembershipProvider。事实上，它甚至不引用它。它所做的是检查是否身份验证cookie仍设置并且仍然有效（因为是，没有过期）。

The current identity is set in the FormsAuthenticationModule, but it has nothing to do with your MembershipProvider. In fact, it doesn't even reference it. All it does is check to see if the authentication cookie is still set and is still valid (as is, has not expired).

我认为问题是，你正在调用的FormsAuthentication方法，如，这是设置身份验证cookie。如果你需要等待，直到用户获得批准，那么你需要确保你没有设置cookie。

I think the problem is that you are calling one of the FormsAuthentication methods like RedirectFromLoginPage, which is settings the authentication cookie. If you need to wait until the user is approved, then you need to make sure you are not setting the cookie.

这篇关于在asp.net什么套Request.IsAuthenticated =真的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！