If the IIS website is configured to use Forms-Based Authentication, then the problem is most likely that the cookie for the 2nd login (which is a different user) is overwriting the cookie from the initial login.
By default, the cookie is named ".ASPXAUTH".
You can control the cookie name IIS uses to maintain the session by changing the "name" attribute in the element in the web.config. An example of this portion of the web.config would be something like:
<authentication mode="Forms">
<forms loginUrl="login.aspx" name="APP1SESS" />
</authentication>
No comments:
Post a Comment