asp.net-mvc - 设置cookie并验证后，User.Identity.IsAuthenticated返回false

Question

我在使用MVC4用户授权时遇到问题。
System.Web.Security.Membership.ValidateUser返回true。
然后进入FormsAuthentication.SetAuthCookie，我在浏览器中看到一个cookie。
然后由于某种原因，User.Identity.IsAuthenticated仍将求值为false。
重定向后User.Identity.IsAuthenticated仍然为false，并保持false。

[AllowAnonymous]
[HttpPost]
public ActionResult Login(LoginModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        if (System.Web.Security.Membership.ValidateUser(model.UserName, model.Password))
        {
            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }
        else
        {
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}

Answer 1

直到调用User.Identity.IsAuthenticated后的下一个请求，FormsAuthentication.SetAuthCookie()才会设置为true。

参见http://msdn.microsoft.com/en-us/library/twk5762b.aspx

The SetAuthCookie method adds a forms-authentication ticket to either the cookies collection, or to the URL if CookiesSupported is false. The forms-authentication ticket supplies forms-authentication information to the next request made by the browser.