I have an MVC4 application that is set up for forms authentication and uses the SimpleMembershipProvider.
I have marked all controllers except Account with the [Authorize] attribute.
When I deploy the site to an IIS server, the urls have a "GUID"-like querystring added to them (this doesn't happen on my development machine.
For example:
(dev machine) - http://mysite/Home/Edit
(iis) http://mysite/(X(6QK3qJe4dH34ynvHrs3PKduE5dlpsx-8wi5Kno4EXthY8WFPkbYWgNKENdNLbuo2jxazSYYAExxsouPyvfUK22gnZyQ11S-g4eMvPxA5AOoxHcLbSjTciN3VEp56LLYi1WYGKCJ54SVUHADF5J4wa7d3vaf6Y7xTAfOhmryN4iI6_7FC-ppruA9UjADwYwnnPs0))/Home/Edit
This also seems to have the effect that the first time I navigate to another page with an ActionLink, it makes me login again (I assume this is because the guid (I guess this is some authentication token?) is not generated by Html.ActionLink)
How can I get rid of this?
In IIS the authentication settings are
Anonymous Authentication: Enabled
ASP.NET Impersonation: Disabled
Basic Auth: Disabled - HTTP 401 CHallenge
Digest Auth: Disabled - HTTP 401 CHallenge
Forms Auth: Enabled- HTTP 302 Login/Redirect
Windows Auth: Disabled - HTTP 401 CHallenge
In my web.config:
<authentication mode="Forms">
<forms loginUrl="~/Security/Login" timeout="2880" />
</authentication>