Nov 04, 2007 03:47 AM|Scott Mitchell|LINK
Let's step through what's happening here...
In short, the User object is set earlier in the ASP.NET pipeline, long before the requested ASP.NET page's code is executed. Now, on the
subsequent visit, the ASP.NET runtime will see the forms authentication ticket and User.Identity.IsAuthenticated will be true, but not on this request.
I really hope this makes sense.
In any event, in the LoggedIn event handler there's no need to check if the user is authenticated - you already know they are! The LoggedIn event wouldn't fire otherwise. Also, you won't be able to get the username from User.Identity.Name. Instead, use