I've converted a web site to a web application and am now experiencing a strange behavior with the application. Essentially, there are 2 webs. One web site is the main, front-facing site written in ASP.NET 1.1 but with the Membership piece added from 2.0. The other is a former web site now grown up to a web application.
It seems as though when I login to the web site (project 1), I get properly redirected to the web app (project 2) properly. However, any link I click on sends me back to login on the web site (project 1). The machine keys are the same and all of the forms authentication properties are the same.
I've stopped IIS several times and deleted the files in the temporary folder and still no go. Very frustrating.
Here is an example of my forms element for my web app:
<forms domain="beta.domain.com" name=".ASPXAUTH" loginUrl="http://beta.domain.com/" protection="All" timeout="600" path="/" requireSSL="true" slidingExpiration="true" defaultUrl="https://beta.domain.com/app/" enableCrossAppRedirects="true"/>
Here is an example of my forms element for the web site:
<forms name=".ASPXAUTH" enableCrossAppRedirects="true" timeout="600" defaultUrl="/QueryStringAuthenticate.aspx" loginUrl="/" protection="All" slidingExpiration="true" cookieless="UseDeviceProfile" domain="beta.domain.com" />
Then on both I have the same machine key value specified. The QueryStringAuthenticate.aspx page in the web site hasn't changed. It开发者_Python百科 still does the same thing it always did (obtain the cookie name [.ASPXAUTH] and cookie value [authentication token]).
I finally got it. It actually had nothing to do with the authentication itself, but rather the browser settings. Apparently, someone had modified our image file for dev machines to add the site in the trusted sites for HTTPS, but did not add it without the HTTPS. So, IE was dropping the connection somewhere. Either adding both with and without the HTTPS or removing those entries resolved the issue.
精彩评论