2
工作在我的应用我使用授权属性在MVC 4
System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=2.0.0.0
为我的会员供应商,在这里我的账户控制器代码
[HttpPost]
public ActionResult Login(string username,string password)
{
var result = Membership.ValidateUser(username, password);
if(result)
{
var user = Membership.GetUser(username);
var roles = Roles.GetRolesForUser(username);
var isDistributor = roles.Any(x => x.ToUpper() == "DISTRIBUTOR");
if (isDistributor) return RedirectToAction("ShowCurrentDistributor", "Distributor");
}
else
{
TempData["error"] = "Invalid login attempt";
}
return View();
}
而且我ShowCurrentDistributor动作代码:
[HttpGet]
[Authorize(Roles = "Distributor")]
public ActionResult ShowCurrentDistributor()
{
var distributor = _distributer.GetDistributerbyEmail(User.Identity.Name);
return View(distributor);
}
但是当我打电话ShowCurrentDistributor方法,授权不起作用。它总是返回到我的登录表单,即使我通过有效角色(分销商)的身份验证。什么错我的代码
固定:我在后,如果加入这一行(结果) {FormsAuthentication.SetAuthCookie(username,true); 。因为validateuser onlyc检查用户名和密码是有效的,它不会设置任何身份验证令牌 –