Tutorials References Exercises Sign Up Menu
Create Website Get Certified Pro

WebSecurity - RequireAuthenticatedUser()

❮ WebSecurity


The RequireAuthenticatedUser() method sets the HTTP status to 401 (Unauthorized) if the current user is not authenticated.

C# and VB Syntax




Return Value


Errors and Exceptions

Any access to the WebSecurity object throws an InvalidOperationException if:

  • The InitializeDatabaseConnection() method has not been called
  • SimpleMembership is not initialized (or disabled in the website configuration)


RequireAuthenticatedUser() only validates if the current user is authenticated. If the current user is not authenticated, the HTTP status is set to 401 (Unauthorized).

To validate if the current user is a specific user (by ID or by name), use the RequireUser() method. To validate that a user is a member of a role (roles), use the RequireRoles() method.

❮ WebSecurity