asp.net 'Remember me' not working anymore with forms authentication

Question

I have two websites with self written membership providers that are hostet on the same server in the same Web in different web-applications and different application pools.

Answer 1

The issue may be that you have validation keys that are automatically generated every time you launch the worker process. The cookie is encrypted, but when you come back a new server-side key is used and thus your cookie cannot be decrypted.

Check out the machineKey section http://msdn.microsoft.com/en-us/library/ff649308.aspx

Here is something that will generate the machineKey section for you http://www.qualitydata.com/products/aspnet-membership/help/configuration/no-machinekey.aspx

Answer 2

Try set the domain name to be sure that the cookie of the remember is set correctly in all cases

<forms  path="/" domain="nameof.com" ...the rest

Answer 3

The cookie timeout is also limited by IIS and defaults to something low like 20 min. To change this:

1. Open IIS Manager.
2. Right click your site and select properties.
3. Select the ASP.NET tab and click Edit Configuration.
4. Select the Authentication tab.
5. Select Enable sliding expiration.
6. Set the Cookie timeout to a longer value. To set to 30 days, enter 30.00:00:00.
7. Click OK and exit IIS manager.