CrazyCoderz
CrazyCoderz

Reputation: 1341

FormsAuthentication Behaving odd

Is this a security issue or by design?

string UID = "randomusername" // does not exists in aspnet_Users table FormsAuthentication.RedirectFromLoginPage(UID, false);

Authenticates users, redirects to login page.

Profile Page is set to chech User.Identity.IsAuthenticated etc...

when they update the profile, it ads the user to the aspnet_users table automatically, which is not what I want.

Upvotes: 0

Views: 99

Answers (1)

Brian Mains
Brian Mains

Reputation: 50728

FormsAuthentication.RedirectFromLoginPage doesn't perform any valid user check; it just redirects the user as they are a valid user. It assumes that you have done the validation check first before you called this.

HTH.

Upvotes: 3

Related Questions