FormsAuthentication and Local Intranet Zone

C. Moya · Apr 8, 2007

I'm a bit stumped by this one: It seems that when I connect to my
application using the server's intranet name (http://intranetserver/MyApp/)
FormsAuthentication kicks back the user to the Login page after I call
RedirectFromLoginPage. It works fine if I access the server by IP address
(http://xx.xx.xx.xx) and if I access the server over its public domain name
(http://www.myserver.com).

Why is this happening?
I have IIS set to Anonymous Auth. Windows Auth is disabled. My web.config
auth section looks like this
<authentication mode="Forms">
<forms name=".MyAppAuth" loginUrl="Logon.aspx"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>

C. Moya · Apr 10, 2007

Believe it or not, we've discovered this is caused by underscores in the
server's name. (http://our_dev_server). We changed the underscores to
dashes, and everything now works.

I think this is a known issue going back to ASP.Classic(?). Not sure.

C. Moya · Apr 10, 2007

And here's a link that explains the problem:
http://www.hanselman.com/blog/ObscureBugASPNETDoesntHandleCookiesWithNonstandardServerNames.aspx

C. Moya said:
Believe it or not, we've discovered this is caused by underscores in the
server's name. (http://our_dev_server). We changed the underscores to
dashes, and everything now works.

I think this is a known issue going back to ASP.Classic(?). Not sure.