I have an ASP.NET 3.5 site written on top of Azure for which I'm trying to allow both authenticated and anonymous user profiles. The authenticated profiles work fine. But if I am not logged in, I see the .ASPXANONYMOUS cookie sent down with the profile information in a SetCookie directive. If I then close the browser session and start up again, I see a SetCookie directive sent down from the server right away, setting the .ASPXANONYMOUS cookie to a new value:
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: .ASPXANONYMOUS=dTJEJCr...; expires=Fri, 12-Mar-2010 21:22:38 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Wed, 10 Feb 2010 21:22:41 GMT
Content-Length: 3146
thus the profile information is lost between sessions. I don't understand why this is happening - I would think that preserving the cookie value would be the whole point. My web.config has this:
<!-- We allow anonymous users to have a profile using ASP.Net anonymous profiles -->
<anonymousIdentification
enabled="true"
cookieless="UseDeviceProfile"
cookieName=".ASPXANONYMOUS"
cookieTimeout="43200"
/>
Any ideas on what I need to do to preserve the cookie across sessions to allow proper anonymous profiles?