Home/ Questions/Q 9189079
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T20:09:52+00:00

I am having a problem with MVC4 user authorization. System.Web.Security.Membership.ValidateUser returns true . Then

  • 0

I am having a problem with MVC4 user authorization.

System.Web.Security.Membership.ValidateUser returns true.
Then it gets to FormsAuthentication.SetAuthCookie and I see a cookie in my browser.
Then User.Identity.IsAuthenticated still evaluates to false for some reason.
User.Identity.IsAuthenticated is still false after a redirect and stays false.

[AllowAnonymous]
[HttpPost]
public ActionResult Login(LoginModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password))
        {
            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }
        else
        {
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    User.Identity.IsAuthenticated won’t be set to true until the next request after calling FormsAuthentication.SetAuthCookie().

    See http://msdn.microsoft.com/en-us/library/twk5762b.aspx

    The SetAuthCookie method adds a forms-authentication ticket to either
    the cookies collection, or to the URL if CookiesSupported is false.
    The forms-authentication ticket supplies forms-authentication
    information to the next request made by the browser.

    • 0