I had CF8 running on iis7 and this used to work fine. When a user logged into IIS7 with windows authentication, the cgi.auth_user variable would stay set the entire time they were in the particular folder that required authentication.
I just upgraded to CF10 and iis7.5 and now, when a user logs into a folder that requires windows authentication, the cgi.auth_user variable is set for just the page which required authentication, when they travel to the next page(s) via links, the cgi.auth_user variable is changed to NULL.
The entire folder is set to require windows authentication, but no cgi.auth_user value is set...
Can anybody help?
It only took a couple of hours... but eventually I figured out it is an IIS problem. If Windows Authentication is set on the folder level... it MUST be enabled at the server level before it will populate the CGI variables throughout the application (instead of just the initial page). So the server level has both anonymous and windows authentication enabled and the folder that is restricted has anonymous disabled and windows authentication enabled.