1

I'm currently writing a simple Login page in ASP.NET MVC where, if the user is logged in, displays a specific view. The problem is that Request.IsAuthenticated always returns false. I've tried the solutions explained in the other answers but it's still false.

Here is my Web.config:

<configuration>
  <configSections>
    <sectionGroup name="system.web.webPages.razor" type="System.Web.WebPages.Razor.Configuration.RazorWebSectionGroup, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=xxx">
      <section name="host" type="System.Web.WebPages.Razor.Configuration.HostSection, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=xxx" requirePermission="false" />
      <section name="pages" type="System.Web.WebPages.Razor.Configuration.RazorPagesSection, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=xxx" requirePermission="false" />
    </sectionGroup>
  </configSections>

  <system.web.webPages.razor>
    <host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=xxx" />
    <pages pageBaseType="System.Web.Mvc.WebViewPage">
      <namespaces>
        <add namespace="System.Web.Mvc" />
        <add namespace="System.Web.Mvc.Ajax" />
        <add namespace="System.Web.Mvc.Html" />
        <add namespace="System.Web.Optimization"/>
        <add namespace="System.Web.Routing" />
      </namespaces>
    </pages>
  </system.web.webPages.razor>

  <appSettings>
    <add key="webpages:Enabled" value="false" />
  </appSettings>

  <system.webServer> 
     <modules>
        <remove name="FormsAuthenticationModule" />
    </modules>

    <handlers>
      <remove name="BlockViewHandler"/>
      <add name="BlockViewHandler" path="*" verb="*" preCondition="integratedMode" type="System.Web.HttpNotFoundHandler" />
    </handlers>
  </system.webServer>

  <system.web>    
    <compilation>
      <assemblies>
        <add assembly="System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=xxx" />
      </assemblies>
    </compilation>
  </system.web>
</configuration>

In my controller, I set the authentication value to true with the following command:

FormsAuthentication.SetAuthCookie(cvm.Username, false);

But in my view if I check the value of Request.IsAuthenticated, it's always false.
How can I resolve this problem?

Gab
  • 87
  • 3
  • 7
  • Seems to be a dupe of [this](http://stackoverflow.com/questions/19536955/request-isauthenticated-is-always-false). Did you try top answer from there? – Andrei Nov 10 '16 at 17:27
  • @Andrei yes, unfortunately it doesn't work. – Gab Nov 10 '16 at 17:33
  • I would suggest you to go for OWIN instead. To fix this issue, probably `` would work. – Developer Nov 11 '16 at 08:50
  • @Developer i've tried your solution but it doesn't work. I've updated my web.config. – Gab Nov 11 '16 at 09:15
  • Might be stupid one, but could you just try with the entire stuff `System.Web.HttpContext.Current.Request.IsAuthenticated` ? I have had issues with `Request` vs `System.Web.HttpContext.Current.Request` – Developer Nov 11 '16 at 10:30
  • @Developer neither. I can't figure what can be. – Gab Nov 11 '16 at 10:46
  • I'll give it a try when I have some time. But I would suggest to try OWIN cookie authentication - its easy. – Developer Nov 11 '16 at 11:20
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/127888/discussion-between-gab-and-developer). – Gab Nov 11 '16 at 11:26

1 Answers1

0

If you are using MVC 5, the FormsAuthentication module, is removed in the web.config. Modules

Remove this line.

Comment-out RemoveFormsAuthentication

If that doesn't work, try writing:

<remove name="FormsAuthentication" />
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
André Snede
  • 9,899
  • 7
  • 43
  • 67