Asp.net Sessions Getting Crossed / Mixed Up

Question

Few weeks ago we had one of our customers contacting us saying that sometimes when he creates an activity it gets created under someone else\'s name!

We did some t

Answer 1

We had the same problem and it was caused by the <clientCache/> setting in IIS, which by default fails to add the Cache-Control: private HTTP header. The lack of this header meant that our Forms Authentication cookies were being cached by downstream proxy servers! So when our site got busy, all of a sudden a load of users would suddenly get logged in as the wrong user! Nightmare.