1
protected void Page_Load(object sender, EventArgs e)
{
    if (!User.Identity.IsAuthenticated)
    {
        Response.Redirect("~/login.aspx?ReturnUrl=userLevel.aspx");
    }

    if (!IsPostBack)
    {
       if (Request.Form["action"] == "getUserData")
        {
            string nm = User.Identity.Name;
            Response.Clear();
            Response.Write(nm);
            Response.End();
        }
    }
}

the user loged in and he is authenticated, but when I check for his name I get "" I try to get the user name using a jquery ajax, and I return the data to the ajax

update: a look at my immediate window (while in a break point) when a user named moria is logedin

**User.Identity**
{System.Web.Security.FormsIdentity}
[System.Web.Security.FormsIdentity]: {System.Web.Security.FormsIdentity}
AuthenticationType: "Forms"
**IsAuthenticated: true**
**Name: ""**

**Membership.GetUser()**
**null**

**Membership.GetUser("moria")**
{moria}
Comment: null
CreationDate: {23/02/2016 01:10:08}
Email: "orders.gca@gmail.com"
IsApproved: true
IsLockedOut: false
IsOnline: false
LastActivityDate: {24/02/2016 03:21:08}
LastLockoutDate: {01/01/1754 02:00:00}
LastLoginDate: {24/02/2016 03:21:08}
LastPasswordChangedDate: {23/02/2016 01:10:08}
PasswordQuestion: "1"
ProviderName: "MySqlMembershipProvider"
ProviderUserKey: {ff589472-e852-4049-8803-6d22740414ee}
UserName: "moria"
Eli Cohen
  • 131
  • 1
  • 10
  • 1
    You should test with _Request.IsAnthenticated_ to know authentication process is correct... – ADreNaLiNe-DJ Feb 23 '16 at 13:11
  • Possible answer http://www.codeproject.com/Questions/874837/Why-User-Identity-IsAuthenticated-always-false – Aymeric Feb 23 '16 at 13:25
  • Aymeric - in my case User.Identity.IsAuthenticated return true, the problem is the User.Identity.Name is "" – Eli Cohen Feb 23 '16 at 22:36
  • Could you post the code of jQuery Ajax? – Win Feb 24 '16 at 15:40
  • I can post the code but it is not relevant, because the same problem occures when I do as described here https://forums.asp.net/p/2086189/6025356.aspx?Re+userName+is+empty+after+successful+login – Eli Cohen Feb 25 '16 at 20:46

2 Answers2

1

Taking from ADreNaLiNe-DJ's answer and adding in the ability to redirect back to the calling page, you would add this to the Global.asax file:

    protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        var loginUrl = new UrlHelper(HttpContext.Current.Request.RequestContext).Action("Login", "Account") ?? "";
        if (!this.Request.IsAuthenticated && !this.Request.Path.Contains(loginUrl))
        {
            Response.Redirect(loginUrl + "?ReturnUrl=" + Request.Url.AbsoluteUri);
        }
    }

Hope that helps.

shlgug
  • 1,320
  • 2
  • 11
  • 12
0

First of all, you should check authentication earlier in the pipeline. Add this code in your Global.asax.cs:

protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    if (!this.Request.IsAuthenticated && !this.Request.Path.Contains("login.aspx"))
    {
        Response.Redirect("~/login.aspx?ReturnUrl=userLevel.aspx");
    }
}

You check authentication for all pages/requests in 1 unique place.

So when you are in the Page_Load, you are sure to be logged in and authenticated.

protected void Page_Load(object sender, EventArgs e)
{
    if (Request.Form["action"] == "getUserData")
    {
        string nm = User.Identity.Name;
        Response.Clear();
        Response.Write(nm);
        Response.End();
    }
}
ADreNaLiNe-DJ
  • 4,787
  • 3
  • 26
  • 35
  • If i will check authentication in global.asax.cs, how can I direct the user to the page he came from, after he will login? if I check in a specific page i can attach to the login.aspx a querystring with current page url. – Eli Cohen Feb 23 '16 at 22:32
  • when I use vb I check it in Page_PreLoad event of each page but in c# I dont know how to create this event – Eli Cohen Feb 23 '16 at 22:58
  • If you use the code i gave you for checking authentication: it will redirect users to the login if they are not authenticated or if they are accessing login page. Otherwise, the request continues normally. So there's nothing to do to _"direct the user to the page he came from"_ – ADreNaLiNe-DJ Feb 24 '16 at 07:23
  • I didn't know that, thanks. but it doesn't solve my problem, I even tried to disable the ajax call and to out put to a server side textbox the User.Identity.Authenticated.ToString + User.Identity.Name and I get just the word True without the userName – Eli Cohen Feb 24 '16 at 09:24