.NET FormsAuthentication issue with load balanced servers using IIS 7 and using cookies

I have a couple of load-balanced web servers running .NET 3.5 / MVC 2 application. We use cookie authentication.

When the user starts on the second server, he HttpContext.Current.User.Identity.IsAuthenticatedalways returns as false, and therefore the user logs off.

Another interesting tidbit is that the cookie .ASPXAUTHis still being sent from the browser, can still be seen in the request headers, but no longer exists in HttpContext.Current.Request.Cookies. I set auth cookie HttpOnlyand Securein true.

I verified that both web servers use the same exact machine keys as those in the web.config files.

+3

.net cookies iis-7 forms-authentication load balancing

kiwigod17 May 11, '12 at 21:50

No one has answered this question yet.

See related questions:

805

How to make a .NET application run as an administrator?

213

Why put CSRF tokens in cookies so often?

22

Asp.net forms cookie authentication by not observing timeout with IIS7

6

OWIN Cookies vs. Forms Authentication

3

read authentication cookie between sites on the same server

2

Loss of Set-Cookie in the response header on a single server in a multi-server Windows IIS.NET environment

1

ITfoxtec SAML with load-balanced web servers

0

ASP.net code does not display cookie set by browser

0

Is there anything else in.net 4 that causes the cookie to disappear.ASPXAUTH?

0

Auth cookie defragmentation fails in load balanced environment

All Articles