HttpContext.Current.User.Identity.IsAuthenticated=false;
HttpContext.Current.User.Identity.Name==""
解释:当用户登录时,服务器为确认客户端通过验证要通过cookie向客户端写验证(Authenticat)信息,在登录页面刚验证完成后服务器还没有把cookie 回发到Client,所以会没有值,当服务器第二次Response的时候,就会从客户端读取Cookie,要想有此Cookie还要在web.config文件中配置相应的参数
1
2
3
4
5
6
7
8
|
< system.web > < authentication mode = "Forms" > < forms domain = "bokoAdmin" timeout = "20" loginUrl = "Login.aspx" path = "/" ></ forms > </ authentication > < authorization > < allow users = "*" /> </ authorization > < system.web > |
程序验证:
1
2
3
4
5
6
7
8
9
10
11
12
|
if (Membership.ValidateUser(tbx_username.Text.TrimEnd(), tbx_password.Text.TrimEnd())) { FormsAuthentication.SetAuthCookie(tbx_username.Text.TrimEnd(), true ,FormsAuthentication.FormsCookiePath); FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( 1, tbx_username.Text, DateTime.Now, DateTime.Now.AddMinutes(20), false , tbx_username.Text); // generate new identity FormsIdentity identity = new FormsIdentity(ticket); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); // write to client. Response.Cookies.Add(cookie); } |
其中加粗体为主要语句,有此一句就可以实现HttpContext.Current.User.Identity.IsAuthenticated=true;
authorization节点解决FormsAuthentication.SignOut(); 不起作用的问题