Possible Security Related Post Back Problem! Pleas

[beechoss]

Hi all,<BR><BR> I have some unusual behavior here that I think is tied to directory security. If I access a website on a machine that has "Anonymous Authentication" only, and then access an ASP.NET site on the same machine that has "Integrated Access" only (using the same browser instance), the pages don't behave correctly (i.e. the viewstate doesn't work, handlers don't get called)<BR><BR>You can repro this in the following way:<BR>1. Create a new ASP.NET website, and add a button and textbox to webform1.aspx<BR>2. Create a directory under wwwroot and add an empty default.htm file into the directory.<BR>3. Make a virtual directory immediately under Default Web Site (in IIS Manager) for the directory created in step 2. Set the access to "Integrated Authentication" Only.<BR>4. Set the access mode for the ASP.NET site to "Authenticated - Allow IIS to manage passwords" (remove Integrated if its checked)<BR>5. Open a browser and navigate to the directory created in step 2. (do not specify the path to default.htm, just specify it to the directory)<BR>6. In the address bar, redirect the website to webform1.aspx of your ASP.NET site.<BR>7. Enter some text and press submit... the text should disappear..<BR><BR><BR>I suspect something relating to my incorrect understanding of IIS security models and how ASP.NET really works. I REALLY REALLY REALLY would appreciate help/Feedback..<BR><BR><BR>Thanks so much!<BR>Jeff