I have an ASP.NET 3.5 site written on top of Azure for which I am trying to allow both authenticated and anonymous user profiles. Authenticated profiles work fine. But if I have not logged in, I see that the .ASPXANONYMOUS cookie .ASPXANONYMOUS sent with the profile information in the SetCookie directive. If I then close my browser session and start again, I will immediately put the SetCookie directive from the server, setting the .ASPXANONYMOUS cookie to a new value:
HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.5 X-AspNet-Version: 2.0.50727 Set-Cookie: .ASPXANONYMOUS=dTJEJCr...; expires=Fri, 12-Mar-2010 21:22:38 GMT; path=/; HttpOnly X-Powered-By: ASP.NET Date: Wed, 10 Feb 2010 21:22:41 GMT Content-Length: 3146
thus, profile information is lost between sessions. I do not understand why this is happening. I would think that storing the cookie value would be intact. My web.config has the following:
<anonymousIdentification enabled="true" cookieless="UseDeviceProfile" cookieName=".ASPXANONYMOUS" cookieTimeout="43200" />
Any ideas on what I need to do to keep cookies in sessions in order to allow anonymous profiles?
source share