Reputation: 1341
Is this a security issue or by design?
string UID = "randomusername" // does not exists in aspnet_Users table FormsAuthentication.RedirectFromLoginPage(UID, false);
Authenticates users, redirects to login page.
Profile Page is set to chech User.Identity.IsAuthenticated etc...
when they update the profile, it ads the user to the aspnet_users table automatically, which is not what I want.
Upvotes: 0
Views: 99
Reputation: 50728
FormsAuthentication.RedirectFromLoginPage doesn't perform any valid user check; it just redirects the user as they are a valid user. It assumes that you have done the validation check first before you called this.
HTH.
Upvotes: 3