formsauthentication conflicts between 2 aspx apps

[Sarah]

My local (XP Pro) IIS hosts 2 aspx applications. One is a subdirectory of
the root. The other is a virtual directory.

Both sites uses formsauthentication (and credentials are verified using
separate databases).

Both login forms have the option to persist the formsauthentication cookie
(forever).

Unfortunately though, if I log in to 1 site and persist the cookie, and then
do the same for the second site, when I return to the first, I have lost
authentication and am asked to log in again.

If I only access one of the apps, it works fine and does not ask me to log
in even if I close and reopen the browser, navigate to other external
formsauthentication sites etc.

I understand in production, I can assign different websites to the
applications and that should work fine, but in the mean time, how can I keep
a user logged in to both applications?

Thanks

 

[KMA]

Sarah,

Interesting problem and I'm no expert.

First, I assume that the two cookies have distinct names.

What happens if you use two instances of the same browser to navigate? And
if you use two browser types (IE and Firefox, for example)

Not that I can diagnose your problem with said info, but I'm curious. The
other avenue for exploration is how are the cookies validated server side. I
don't know many details about this either at the moment.