0

I have written some simple code to illustrate the problem. The controller code:

    public ActionResult Edit()
    {
        string un = User.Identity.Name;
        return View();
    }
    [HttpPost]
    public ActionResult Edit(int? dummy)
    {
        string un = User.Identity.Name; // <-- here it's empty string
        return View();
    }

The Edit.cshtml view code:

@using (Html.BeginForm())
{
    @Html.ValidationSummary(true)
    <input type="submit" value="Submit" />
}

The User.Identity.Name is not empty after I log in and I go to the Edit page. But after I submit the Edit page (I make a HTTP POST) the User.Identity.Name becomes empty string and remains empty string no matter what page I access.

In Web.config I have:

<authentication mode="Forms">
  <forms loginUrl="~/Account/LogOn" timeout="2880" />
</authentication>
danludwig
  • 46,965
  • 25
  • 159
  • 237
Paul Rusu
  • 233
  • 1
  • 4
  • 17

1 Answers1

0

This sounds like a strange problem, and though I can't give you an answer yet, this might help.

FormsAuthentication works by setting a cookie on the browser called .ASPXAUTH. After you sign in, inspect the cookies in your browser and look for it. Also, you can inspect the Request property in the controller action methods to look for that cookie. It will be a weird-looking encoded value. You can also use something like Fiddler2 to make sure that the cookie is being sent when you post the form.

I have run into this problem before, but it had to do with cross-domain requests and machineKey mismatch problems. If both your Edit actions are in the same controller / project / URL / web.config, then perhaps something in the pipeline is removing the cookie, or reconfiguring your User principal during POST requests..? You aren't using OWIN anywhere in the project, right? And there are no global filters other than HandleErrorAttribute?

danludwig
  • 46,965
  • 25
  • 159
  • 237