Upgrading to IIS7 stopped Firefox from receiving cookies?

Question

Our website has been using IIS6 for a long time. We test on IE8, Firefox, and Chrome. All browsers worked fine.

We recently did an upgrade to IIS7, and Chrome and IE8 continue to work normally, but Firefox appears to be unable to get the ASP session cookie. As a result, when our code checks the Session[] object, we see nothing, we think the user has logged out, and the site resets your session.

Does anyone know why upgrading to IIS7 would cause this behavior in Firefox? We've: 1) Reverted our application pool back to classic mode (no change); 2) Added a dummy value in the Global.asax object (no change); and 3) changed the web.config file from "authentication cookieless=autodetect" to "cookieless=usercookie" and back (no change).

Answer 1

Here's ours, works fine for us in integrated..

    <authentication mode="Forms">
        <forms cookieless="UseDeviceProfile"
               defaultUrl="~/Default.aspx"
               enableCrossAppRedirects="true"
               loginUrl="~/Login.aspx"
               name=".ASPXAUTH"
               path="/"
               protection="All"
               requireSSL="false"
               slidingExpiration="true"
               timeout="10080"/>
    </authentication>

My web.config is fairly flushed out, so if you want more settings, lemme know and I'll share, but first another thought:

What role services are installed under IIS7? You can find this on the server manager window, first subtick under the server, about the fourth section down on the right on the IIS tab.

Answer 2

Sounds like an issue with browsercap where it feels that Firefox can't handle cookies.

A symptom is endless logons since the Authenication cookie is not set , sending the user back to the logon page.

In .net i think its was moved to an XML formatted file.

Answer 3

this has happened to me to.

i can't figure out what settings in IIS7 can affect this.

can anyone else help?