I have been stuck in a .AUTH cookie bug for a while now with a website that uses form authentication in ASP.NET to log in the user. The website uses form authentication and ask for authentication information from a server that is running remote. Our website is not working with the response from production server, but the response from the staging server works just fine. These servers should be the same.
I looked into the problem for a while and find that for some reason the form authentication process using the response from production authentication server will drop the .AUTH cookie when send a GET request to Microsoft-IIS/10.0. I attached the request header and the response for both production and staging server. If anyone could possibly suggest the potential problem it will be great.
This is the worked one: request response
This is the bugged one: request response
As you can tell the request are pretty much the same, but the response missed the .AUTH cookie. Please let me know what could potentially cause the issue, I am pretty new to ASP.NET.
