Multiple applications on a single site - session and forms authentication scope

Question

We\'re using ASP.NET and IIS 6.0. I realise that the definitions of applications, websites and virtual directories are ill-defined in IIS 6, and changed a lot in IIS 7. Howeve

Answer 1

For Forms Authentication, you can define the FormsCookiePath property to reflect the virtual directory of each sub site.

http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.formscookiepath.aspx

For Session State, I haven't seen anything that can define a path, but you can define different cookie names away from the standard cookieName="ASP.NET_SessionId" value. That way each sub site is looking out for different session cookies.

http://msdn.microsoft.com/en-us/library/h6bb9cz9(v=VS.100).aspx