FormsAuthentication Behaving odd

Is this a security issue or by design?

string UID = "randomusername" // does not exists in aspnet_U开发者_运维知识库sers table FormsAuthentication.RedirectFromLoginPage(UID, false);

Authenticates users, redirects to login page.

Profile Page is set to chech User.Identity.IsAuthenticated etc...

when they update the profile, it ads the user to the aspnet_users table automatically, which is not what I want.

FormsAuthentication.RedirectFromLoginPage doesn't perform any valid user check; it just redirects the user as they are a valid user. It assumes that you have done the validation check first before you called this.

HTH.