HttpContext.Current.User.IsInRole无效

Question

在我的控制器AuthController/signin我有这个代码:

    entities.UserAccount user = (new BLL.GestionUserAccount()).authentifier(email, password);
            //storing the userId in a cookie
            string roles = (new BLL.GestionUserAccount()).GetUserRoles(user.IdUser);
            // Initialize FormsAuthentication, for what it's worth

            FormsAuthentication.Initialize();

            //

            FormsAuthentication.SetAuthCookie(user.IdUser.ToString(), false);

            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1, // Ticket version
            user.IdUser.ToString(), // Username associated with ticket
            DateTime.Now, // Date/time issued
            DateTime.Now.AddMinutes(30), // Date/time to expire
            true, // "true" for a persistent user cookie
            roles, // User-data, in this case the roles
            FormsAuthentication.FormsCookiePath);// Path cookie valid for

            // Encrypt the cookie using the machine key for secure transport
            string hash = FormsAuthentication.Encrypt(ticket);
            HttpCookie cookie = new HttpCookie(
               FormsAuthentication.FormsCookieName, // Name of auth cookie
               hash); // Hashed ticket



                // Get the stored user-data, in this case, our roles

            // Set the cookie's expiration time to the tickets expiration time
            if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;

            // Add the cookie to the list for outgoing response
            Response.Cookies.Add(cookie);
            return RedirectToAction("index", "Home");

在主页面中我有一个菜单,在该菜单中有一个项目只能由管理员角色看到.

     <% if (HttpContext.Current.User.IsInRole("admin")){ %>

            <%=Html.ActionLink("Places", "Places", "Places")%>
        <%} %>

即使HttpContext.Current.User包含正确的角色,我也看不到该项目:

globalx asax:

    protected void Application_AuthenticateRequest(Object sender, EventArgs e)
    {
        if (HttpContext.Current.User != null)
        {
            if (HttpContext.Current.User.Identity.IsAuthenticated)
            {
                if (HttpContext.Current.User.Identity is FormsIdentity)
                {
                    FormsIdentity id =
                        (FormsIdentity)HttpContext.Current.User.Identity;
                    FormsAuthenticationTicket ticket = id.Ticket;

                    // Get the stored user-data, in this case, our roles
                    string userData = ticket.UserData;
                    string[] roles = userData.Split(',');
                    HttpContext.Current.User = new GenericPrincipal(id, roles);
                }
            }
        }
    }

Answer 1

而不是使用User.IsInRole(),尝试静态方法Roles.IsUserInRole().