
IIS forms authentication cross domain not redirecting to correct domain


I have 2 sites running on one instance of IIS 7.

A.site.com
B.site.com

These sites use forms authentication and there is one form for logging in on site A.

So if I try to access a restricted page on site B with URL

B.site.com/TEST/

I get redirected to

A.site.com/login.aspx?ReturnUrl=%2TEST%2f

I can then enter username and password to authenticate. So far so good.

After authentication I get redirected to

A.site.com/TEST/

instead of

B.site.com/TEST/.

Can anyone tell me how I can get around this problem and make IIS redirect me to the correct page?

Note: the authentication works fine - I can go to the page B.site.com/TEST/ and I am no longer redirected to the login page. So the problem is just redirecting to the wrong site or the value of ReturnUrl should not be a relative path.


Solution

  • A workaround might be to force the user to go back to the last page using JS instead. Not a great answer though, I admit. I think this is an IIS bug since the documentation to set up forms authentication with different sub-domains does not mention this problem at all.

    EDIT:

    A better answer is to change the loginUrl to include the domain.

    loginUrl="https://A.site.com/Login.aspx?domain=B.site.com" 
    

    Then handle the redirect client side
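
Because the `domain` value in that loginUrl is an ordinary query-string parameter, the client-side redirect should only honour known hosts and site-relative paths, otherwise the login page becomes an open redirect. The following is an added example, not part of the original answer; the allowlist, the fallback URL and the function name `postLoginTarget` are assumptions.

```javascript
// Added example: hosts the login page on A.site.com may send users back to.
// The allowlist, fallback and function name are assumptions, not from the post.
const ALLOWED_HOSTS = new Set(["a.site.com", "b.site.com"]);
const FALLBACK = "https://A.site.com/";

// Build the post-login redirect target from the login page's query string,
// e.g. "?domain=B.site.com&ReturnUrl=%2fTEST%2f". Returns FALLBACK whenever
// either value is missing or not acceptable.
function postLoginTarget(queryString) {
  const params = new URLSearchParams(queryString);
  const domain = (params.get("domain") || "").toLowerCase();
  const returnUrl = params.get("ReturnUrl") || "/";

  // Exact host match only: rejects look-alike suffixes, userinfo ("host@other"),
  // ports and anything else that is not literally an allowed host name.
  if (!ALLOWED_HOSTS.has(domain)) return FALLBACK;

  // ReturnUrl must be a site-relative path. "//host" and "/\host" are parsed
  // by browsers as protocol-relative URLs and would leave the allowed host.
  if (!returnUrl.startsWith("/") || /^\/[\/\\]/.test(returnUrl)) return FALLBACK;

  // Tabs and newlines are stripped by URL parsers, which can turn
  // "/<tab>/host" into "//host", so control characters are refused outright.
  if (/[\u0000-\u001f]/.test(returnUrl)) return FALLBACK;

  // Resolve against the allowed origin and confirm the host did not change.
  const target = new URL(returnUrl, "https://" + domain);
  if (target.protocol !== "https:" || target.hostname !== domain) return FALLBACK;
  return target.href;
}

// Browser usage, run once the forms-authentication cookie has been issued:
// window.location.replace(postLoginTarget(window.location.search));
```

The same host and path checks belong on the server as well if Login.aspx ever issues the redirect itself.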