家庭控制器中的MVC [授权]不适用于每个用户

Question

所以我使用LDAP来验证我的用户，这对大多数用户来说都很好用，但对于其中一些用户来说却没有。我知道有一个事实我有两个用户，它不适用。代码会删除有关此人的所有信息，创建一个formsAuthenticationticket，但是当它进入[授权]时，它会将它们反弹回登录页面。问题是为什么？

登录控制器：

   [AllowAnonymous]
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult Login(LoginModel model, string returnUrl)
    {

        string logon_user = model.UserName.ToString();
        string logon_password = model.Password.ToString();

        ConnHelper connhelper = new ConnHelper();
        string encryptedTicket = null;
        String adPath = "#####"; //Path to the 2003 LDAP directory server
        ADAuthorize adAuth = new ADAuthorize(adPath); 
        FormsAuthenticationTicket authTicket = null;

        try
        {
            if (true == adAuth.IsAuthenticated("#####", logon_user, logon_password))
            {
                string groups = adAuth.GetGroups();

                Account acc = new Account();
                acc.windows_id = logon_user;
                acc.password = logon_password;
                acc.gers_id = connhelper.GetGersID(acc.windows_id);

                acc.region = connhelper.IsNull(connhelper.GetRegionManager(acc.gers_id));
                acc.home_store_region = connhelper.IsNull(connhelper.GetHomeStoreRegion(acc.gers_id));
                acc.store_group = connhelper.IsNull(connhelper.GetStoreGroup(acc.gers_id));
                acc.home_store = connhelper.IsNull(connhelper.GetStore(acc.gers_id));
                acc.arr = connhelper.GetStores(acc.gers_id);
                //acc.home_store_phone = misc.IsNull(misc.GetHomeStorePhoneNumber("hzs"), "");
                acc.home_store_phone = connhelper.IsNull(connhelper.GetHomeStorePhoneNumber(acc.gers_id), "");
                acc.full_name = connhelper.IsNull(connhelper.GetFullName(acc.gers_id), "");
               //  Onlt use the following in the core

               // acc.full_name = adAuth.getuserFname("#####", logon_user, logon_password);

               misc.GetStore(acc.gers_id);


                //Add information to the session
                Session.Add("roles", groups);
                Session.Add("Account", acc);

                // Create the authentication ticket
                authTicket =
                new FormsAuthenticationTicket(1,  // version
                    acc.windows_id,
                    DateTime.Now,
                    DateTime.Now.AddMinutes(500),
                    false, groups);
                // Now encrypt the ticket.
                encryptedTicket = FormsAuthentication.Encrypt(authTicket);
                // Create a cookie and add the encrypted ticket to the cookie as data.
                HttpCookie authCookie =
                    new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
                // Add the cookie to the outgoing cookies collection. 
                Response.Cookies.Add(authCookie);


                if (FormsAuthentication.GetRedirectUrl(acc.windows_id, false).EndsWith("Logout.aspx"))
                {
                    return RedirectToAction("Login", "Account");
                }

                // 
                //   Validate code this does the redirect to where you want the logged in person to go to.
                //
                if (Url.IsLocalUrl(returnUrl))
                {
                    return Redirect(returnUrl);
                }
                else
                {
                    return RedirectToAction("Index", "Home");
                }



            }
            else
            {
                ModelState.AddModelError("", "Authentication failed, check username and password.");
                return View(model);
            }
        }
        catch (Exception ex)
        {
            ModelState.AddModelError("", "Error authenticating. " + ex.Message + ex.StackTrace);
            return View(model);
        }
        // return View(model);

    }

Adauth已通过身份验证（即使对于被退回的人也会返回此选项）

    public bool IsAuthenticated(string domain, string username, string pwd)
    {
        cred(username, pwd);
        string domainAndUsername = domain + @"\" + username;
        DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd);

        try
        {
            // Bind to the native AdsObject to force authentication. 
            Object obj = entry.NativeObject;
            DirectorySearcher search = new DirectorySearcher(entry);
            search.Filter = "(SAMAccountName=" + username + ")";
            search.PropertiesToLoad.Add("SAMAccountName");
            //search.PropertiesToLoad.Add("cn");
            SearchResult result = search.FindOne();
            if (null == result)
            {
                return false;
            }

            // Update the new path to the user in the directory
            _path = result.Path;
            _filterAttribute = (String)result.Properties["SAMAccountName"][0];
            //_filterAttribute = (String)result.Properties["cn"][0];
        }
        catch (Exception ex)
        {
            throw new Exception(ex.Message);
        }
        return true;
    }

然后是家庭索引控制器

    [HttpGet]
    [Authorize]
    public ActionResult Index()
    {
        //grab all events and pass to view
        //

        int count = D.getEventRows();
        if (count != 0)
        {
            Event[] events = new Event[count];
            events = D.getEvents(count);
            ViewBag.host = globals.hosts();
            ViewBag.events = events;
            DateTime curr = DateTime.Now;
            ViewBag.curr = curr;
            return View(events);

        }

        return View();
    } 

网络配置：

<authentication mode="Forms">
  <forms loginUrl="~/Account/Login" timeout="28800" />
</authentication>

<authorization>

  <allow users="*" />

</authorization>