I am working on adding login functionality to a site I am building, but after login, the Request.IsAuthenticated property always returns true. I have searched this error and have found the same answers over and over, but those solutions are not working for me.
Code from AccountController::Login action:
if (response.Status == KD.Core.Enumerations.LoginStatus.LoggedIn)
{
FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe);
SessionMgr.GetInstance().SetSessionValue(SessionTypes.UserId, response.UserId);
//Have added logging here to ensure login is successful in prod.
return RedirectToAction("Index", "Home");
}
Code from _Layout view file where I am seeing the problem:
<ul class="profile-nav">
@if (Request.IsAuthenticated)
{
<li class="active"><a href="/Account/Logout" rel="nofollow noreferrer noopener" title="Logout">Logout</a></li>
}
else
{
<li class="active"><a href="/Account/Login" rel="nofollow noreferrer noopener" title="Login">Login</a></li>
}
</ul>
The 2 previous answers I have found related to the forms authentication configuration in the web.config, but I have tried both and I am still not able to get this to work. The code functions as expected on my development machine (ie…Logout is displayed after logging in). The problem is that once I deploy to my prod web server the login is successful, but the Logout link is not displayed, only Login again. I have verified that the user is being logged in as I have added code to write to a log file from the Login action (right before the RedirectToAction call) so I know it is calling SetAuthCookie, but once it hits the layout code on the subsequent redirect to my home page (Home/Index), the Request.IsAuthenticated does not ever return true so I always get “Login” link again. The 2 things I have tried are the following changes to the web.config for forms auth: 1) adding the “requireSSL=”false” 2) adding the domain where “contoso” = the actual domain my prod web server is hosting, but again, neither of these has fixed my issue and I’m running out of ideas.
<authentication mode="Forms"> <forms loginUrl="~/Account/Login" timeout="2880" requireSSL="false" domain="contoso.com" /> </authentication>
Any help is greatly appreciated.
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
Well….after 2 months of ripping my hair out I finally figured this out. The web.config at the root application level did not have the “runAllManagedModulesForAllRequests=true” flag. Once I added that attribute, the Request.IsAuthenticated check returned true.
Hope my struggles help someone else in the future.
<system.webServer> <modules runAllManagedModulesForAllRequests="true"></modules> </system.webServer>
Method 2
my problem was associated with Chrome. Switching to another browser solved it immediately. The problem only occurred when using localhost on chrome. I think something to do with SSL
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0