HttpContext.Current.User.Identity.IsAuthenticated=false;
HttpContext.Current.User.Identity.Name==""
解释:当用户登录时,服务器为确认客户端通过验证要通过cookie向客户端写验证(Authenticat)信息,在登录页面刚验证完成后服务器还没有把cookie 回发到Client,所以会没有值,当服务器第二次Response的时候,就会从客户端读取Cookie,要想有此Cookie还要在web.config文件中配置相应的参数
|
1
2
3
4
5
6
7
8
|
<system.web> <authentication mode="Forms"> <forms domain="bokoAdmin" timeout="20" loginUrl="Login.aspx" path="/"></forms> </authentication><authorization> <allow users="*"/> </authorization><system.web> |
程序验证:
|
1
2
3
4
5
6
7
8
9
10
11
12
|
if (Membership.ValidateUser(tbx_username.Text.TrimEnd(), tbx_password.Text.TrimEnd())) { FormsAuthentication.SetAuthCookie(tbx_username.Text.TrimEnd(), true,FormsAuthentication.FormsCookiePath);FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( 1, tbx_username.Text, DateTime.Now, DateTime.Now.AddMinutes(20), false, tbx_username.Text); // generate new identity FormsIdentity identity = new FormsIdentity(ticket); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); // write to client. Response.Cookies.Add(cookie); } |
其中加粗体为主要语句,有此一句就可以实现HttpContext.Current.User.Identity.IsAuthenticated=true;
authorization节点解决FormsAuthentication.SignOut(); 不起作用的问题