Got a bit of a weird one here which may just be down to me not fully understanding IIS.
We have two websites in IIS (which we configured using this method). One is named e.g. "https://theServerName.domain.com" and the other is "https://development.domain.com". The second is basically a clone of the first, to allow us to test changes before 'going live'.
The login script works as follows:
- An index page is loaded, the page checks for a session, if a session doesn't exist, the user is sent to a login page instead
- The users logs in, the credentials are checked against a database. If the credentials are valid, a session is created and the user is sent back to the index page
This works perfectly for "theServerName.domain.com". However when we login into "developer.domain.com" the session is created, but when we are sent back to the index page, the page checks for a session and can't find one.
I am puzzled because the domain is the same for both the login page and login validation page, so the only thing I can think of is if the multiple website situation is confusing matters.
Any ideas?
EDIT 1: I forgot a crucial bit of information which is that this only seems to happen in IE 8 - Tested and working in Firefox 14.0.1, Opera 12.01, Chrome 21.0 and IE 9.
EDIT 2: I don't know if this helps but IE 9 throws the error "Content from the website listed below is being blocked by the Internet Explorer Enhanced Security Configuration. javascript://void(0)" (this is after clicking "Continue to this website (not recommended)." due to the certificate not being installed)
