I recently installed a couple of 2012 R2 servers and have a simple forms based application that has worked for years which now does not work.
On the login screen the user can choose to "remember me" which will set a forms persistant cookie expiring in a year. I have verified that the cookie and date exist in the browser. When the application exists memory on IIS the user is forced to reauthenticate ignoring the cookie. I placed the app back on a 2012 server and it functions as expected.
I have tried going into the forms authentication setting in IIS and switching the mode from "use device profile" to "use cookies" and that does not help (the 2012 server has "use device profile" checked). Any help is appreciated. For the coders out there here is the simple signin method
public static void Signin(string id, bool rememberMe)
{
var ticket = new FormsAuthenticationTicket(1, //The version number of the ticket.
id, //The user name associated with the ticket.
DateTime.Now,
//The local date and time at which the ticket was issued.
DateTime.Now.AddDays(365),
//The local date and time at which the ticket expires.
rememberMe,
//true if the ticket will be stored in a persistent cookie (saved across browser sessions); otherwise, false. If the ticket is stored in the URL, this value is ignored.
id,
//The user-specific data to be stored with the ticket.
FormsAuthentication.FormsCookiePath
//The path for the ticket when stored in a cookie.
);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie.
var formsCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
if (rememberMe)
{
formsCookie.Expires = DateTime.Now.AddDays(365);
}
HttpContext.Current.Response.Cookies.Add(formsCookie);
}