Request.IsAuthenticated即使数据库为空

在我的剃须刀WebApp中，Request.IsAuthenticated和WebSecurity.IsAuthenticated总是返回true，即使数据库为空，我该如何修复这种行为？

  <?xml version="1.0" encoding="utf-8"?>
  <!--
    Weitere Informationen zum Konfigurieren der ASP.NET-Anwendung finden Sie unter 
    &quotehttp://go.microsoft.com/fwlink/?LinkId=169433.
    -->
  <configuration>
    <configSections>
      <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
      <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
    </configSections>
    <system.diagnostics>
      <trace>
        <listeners>
          <add type="Microsoft.WindowsAzure.Diagnostics.DiagnosticMonitorTraceListener, Microsoft.WindowsAzure.Diagnostics, Version=2.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" name="AzureDiagnostics">
            <filter type="" />
          </add>
        </listeners>
      </trace>
    </system.diagnostics>
    <connectionStrings>
      <add name="DefaultConnection" connectionString="Data Source=(LocalDb)'v11.0;Initial Catalog=aspnet-Coding.Lizards.Video.Manager.Web-20130903001018;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|'aspnet-Coding.Lizards.Video.Manager.Web-20130903001018.mdf" providerName="System.Data.SqlClient" />
      <add name="WebsiteModel" connectionString="metadata=res://*/Models.WebsiteModel.csdl|res://*/Models.WebsiteModel.ssdl|res://*/Models.WebsiteModel.msl;provider=System.Data.SqlClient;provider connection string=&quot;data source=(LocalDb)'v11.0;attachdbfilename=|DataDirectory|'aspnet-Coding.Lizards.Video.Manager.Web-20130903001018.mdf;initial catalog=aspnet-Coding.Lizards.Video.Manager.Web-20130903001018;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework&quot;" providerName="System.Data.EntityClient" />
    </connectionStrings>
    <appSettings>
      <add key="webpages:Version" value="2.0.0.0" />
      <add key="webpages:Enabled" value="false" />
      <add key="PreserveLoginUrl" value="true" />
      <add key="ClientValidationEnabled" value="true" />
      <add key="UnobtrusiveJavaScriptEnabled" value="true" />
    </appSettings>
    <system.web>
      <compilation debug="true" targetFramework="4.5">
        <assemblies>
          <add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        </assemblies>
      </compilation>
      <httpRuntime targetFramework="4.5" />
      <authentication mode="Forms">
        <forms loginUrl="~/Account/Login" timeout="2880" />
      </authentication>
      <pages>
        <namespaces>
          <add namespace="System.Web.Helpers" />
          <add namespace="System.Web.Mvc" />
          <add namespace="System.Web.Mvc.Ajax" />
          <add namespace="System.Web.Mvc.Html" />
          <add namespace="System.Web.Optimization" />
          <add namespace="System.Web.Routing" />
          <add namespace="System.Web.WebPages" />
        </namespaces>
      </pages>
    </system.web>
    <system.webServer>
      <validation validateIntegratedModeConfiguration="false" />
      <handlers>
        <remove name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" />
        <remove name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" />
        <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
        <add name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%'Microsoft.NET'Framework'v4.0.30319'aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
        <add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%'Microsoft.NET'Framework64'v4.0.30319'aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
        <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
      </handlers>
    </system.webServer>
    <runtime>
      <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
        <dependentAssembly>
          <assemblyIdentity name="DotNetOpenAuth.Core" publicKeyToken="2780ccd10d57b246" />
          <bindingRedirect oldVersion="1.0.0.0-4.0.0.0" newVersion="4.1.0.0" />
        </dependentAssembly>
        <dependentAssembly>
          <assemblyIdentity name="DotNetOpenAuth.AspNet" publicKeyToken="2780ccd10d57b246" />
          <bindingRedirect oldVersion="1.0.0.0-4.0.0.0" newVersion="4.1.0.0" />
        </dependentAssembly>
        <dependentAssembly>
          <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
          <bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="2.0.0.0" />
        </dependentAssembly>
        <dependentAssembly>
          <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
          <bindingRedirect oldVersion="1.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
        </dependentAssembly>
        <dependentAssembly>
          <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
          <bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="2.0.0.0" />
        </dependentAssembly>
        <dependentAssembly>
          <assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
          <bindingRedirect oldVersion="1.0.0.0-1.3.0.0" newVersion="1.3.0.0" />
        </dependentAssembly>
      </assemblyBinding>
    </runtime>
    <entityFramework>
      <defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
        <parameters>
          <parameter value="v11.0" />
        </parameters>
      </defaultConnectionFactory>
    </entityFramework>
  </configuration>

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using WebMatrix.WebData;
namespace Coding.Lizards.Video.Manager.Web.Filters {
    public class CustomAuthorizeAttribute : AuthorizeAttribute {
        protected override bool AuthorizeCore(HttpContextBase httpContext) {
            if (WebSecurity.UserExists(httpContext.User.Identity.Name))
                return true;
            return false;
        }
        protected override HttpValidationStatus OnCacheAuthorization(HttpContextBase httpContext) {
            if (WebSecurity.UserExists(httpContext.User.Identity.Name))
                return HttpValidationStatus.Valid;
            return HttpValidationStatus.Invalid;
        }
    }
}

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using WebMatrix.WebData;
namespace Coding.Lizards.Video.Manager.Web.Filters {
    public static class RequestExtensions {
        public static bool IsAuthenticated(this HttpRequestBase request) {
            if (WebSecurity.UserExists(request.RequestContext.HttpContext.User.Identity.Name))
                return true;
            return false;
        }
    }
}