How does Request.IsAuthenticated work?

by

Thanks to Google, I found a cached version of the post @keyboardP refers to in his answer. I’m posting that answer/post here as a reference for others since the original link is broken (2012-12-06).

Original question that the answer below refers to:

I have a forms based application that is giving me fits. I noticed that, in
a location where the IsAuthenticated property had been True, it was now
false and the was not working as expected. I am wondering if I have a
setting that is invalid??

Can anyone tell me what sets the IsAuthenticated property to True–what
constitues logging in.

Answer by Daniel Kent:

Request.IsAuthenticated is not just for forms authentciation – it is valid
no matter what type of authentication is being used (Windows, Passport,
Forms or our own custom scheme)

HttpRequest.IsAuthenticated will be true when the user making the request
has been authenticated. Essentially, this property provides the same
information as Context.User.Identity.IsAuthenticated.

At the start of a request, Context.User.Idenity contains a GenericIdentity
with a null username. The IsAuthenticated property for this object will
return false so Request.IsAuthenticated will be false. When an
authentication module handles the Application_AuthenticateRequest event and
successfuly authenticates the user it replaces the GenericIdentity in
Context.User.Identity with a new IIdentity object that will return true from
its IsAuthenticated property. Request.IsAuthenticated will then return true.

In the case of Forms authentication, the forms authentication module uses
the encrypted authentication ticket contained in the authentication cookie
to authenticate the user. Once it has done this, it replaces the
GenericIdentity in Context.User.Identity with a FormsIdentity object that
returns True from its IsAuthenticated property.

So, setting IsAuthenticated to true is actually different to logging in. As
Jeff says, logging in to forms authentication happens when the
authentication ticket is generated and sent to the client as a cookie.
(RedirectFromLoginPage or SetAuthCookie) What we are talking about with
IsAuthenticated is authentication that happens with each page request.
Logging in happens when a user enters their credentials and is issued a
ticket, authentication happens with each request.

More Related Contents:

  1. How can I get the baseurl of site?
  2. Calling async method synchronously
  3. Download/Stream file from URL – asp.net
  4. How to get current user, and how to use User class in MVC5?
  5. CryptographicException: Padding is invalid and cannot be removed and Validation of viewstate MAC failed
  6. asp.net: Invalid postback or callback argument
  7. Printing to a client printer from a web app
  8. Passing array of strings to webmethod with variable number of arguments using jQuery AJAX
  9. Getting relative virtual path from physical path
  10. How to get full host name + port number in Application_Start of Global.aspx?
  11. Should I use byte or int?
  12. Order of execution with multiple filters in web api
  13. “new” keyword in property declaration in c#
  14. How to get current page URL in MVC 3
  15. File count from a folder
  16. Will using LINQ to SQL help prevent SQL injection
  17. Server.MapPath – Physical path given, virtual path expected
  18. How to use C# 6 with Web Site project type?
  19. MEF with MVC 4 or 5 – Pluggable Architecture (2014)
  20. ThreadStaticAttribute in ASP.NET
  21. Registering an Application to a URI Scheme in windows 10
  22. How do you post a JSON file to an ASP.NET MVC Action?
  23. Filehandler in asp.net
  24. When to use Request.Cookies over Response.Cookies?
  25. ASP .NET Button event handlers do not fire on the first click, but on the second click after a PostBack
  26. How to create Select List for Country and States/province in MVC
  27. SignalR – Checking if a user is still connected
  28. Is there a way in Json.NET serialization to distinguish between “null because not present” and “null because null”?
  29. Get first element from a dictionary
  30. How do I get a directory size (files in the directory) in C#?

Leave a Comment