我找到了问题的答案 .
在loggin_in事件中,我应该保存身份验证cookie(我可以在UserData属性中存储我在customPrincipal中需要的所有信息),在Application_PostAuthenticateRequest中,我应该从该cookie创建CustomPrincipal . 这样这个事件会触发每个请求但我没有命中数据库 - 我从cookie中读取数据 .
在我的情况下代码是:
void Application_PostAuthenticateRequest(object sender, EventArgs args)
{
HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie == null)
return;
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
string[] customData = authTicket.UserData.Split(new Char[] { '|' });
if (Context.User.Identity.IsAuthenticated == true)
{
if (Context.User.Identity.AuthenticationType == "Forms")
{
Context.User = new CustomPrincipal(customData, Context.User);
Thread.CurrentPrincipal = Context.User;
}
}
}