I ran the patches they suggested today - GDIPlus security update - for Windows XP SP1 (can't go to SP2 yet for other reasons), VS.NET 2003, and .NET Framework 1.1. I have had forms authentication working in my ASP.NET app for quite a while. After the patch install, I noticed that the IIS config was changed to not start automatically. I changed it back so I could run my app and now forms authentication is broken. Every time I log in with my login form, it doesn't redirect. I had it as FormsAuthentication.RedirectFromLoginPage(user_name, true) and then decided to hardcode the home page: FormsAuthentication.RedirectFromLoginPage(user_name, true, homepage) to test. When I did that, it went to the home page, but if I clicked on any links, it would redirect back to the login page. Has anyone seen this? Am I missing another setting in IIS that may have changed? Is there some default in IIS that my app was probably using that is changed for security reasons with this new patch? Please help! I can back out of the patch, but I want to fix whatever it is, so I don't run into it again when I deploy to the Windows 2003 server it will be hosted on.
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!