Per
a question I posted yesterday, our website's DNS structure has changed to round-robin DNS which literally swaps back and and forth between two production servers. Our \[code\]web.config\[/code\] for both prod servers has:
- \[code\]<sessionState mode="SQLServer" ... >\[/code\] pointing to the same shared DB
- A \[code\]machineKey\[/code\] on each server that is consistent between the two (this was the main point of my post yesterday).
- [update] The same domain in the \[code\]<forms domain=".mydomain.com" ... >\[/code\] tag
When we use the login feature on the site, the login actually makes a web service request to a 3rd website that authenticates a user. If the resulting response says it was a successful login, then we use \[code\]FormsAuthentication\[/code\] to log the user in:\[code\]FormsAuthentication.SetAuthCookie(strUserID, true);\[/code\]Our issue is that on some pages we see we are logged in, others we're not. Is this something indicative of either us not completing a final step to share session between two prod servers or could our SQL server session DB be broken?Thanks in advance
UPDATE:Our code to determine if the user is logged in is quite basic:\[code\]HttpContext.Current.User.Identity.IsAuthenticated\[/code\]
UPDATE 2:When I hit prod1.mysite.com (or prod2.mysite.com) I get a cookie called \[code\]"ASP.NET_SessionId"\[/code\] but when I hit the live public URL, www.mysite.com, I don't get this cookie. Is this part of the problem?
RESOLUTION:It turns out that everything we did here was all correct and that our live site which uses Akamai was being cached in various states due to Akamai's cache configuration. Sharing your logged in state between servers has been confirmed to work.
