By default IIS 7 will generate a new session when accessing a site over a secure HTTPS connection. This can cause issues if you are switching between a HTTP and a HTTPS connection when dealing with a site that handles logged in users via sessions.
Luckily this is a easy fix.
Open up the Internet Information Services (IIS) Manager, and select the web site you wish to change the setting on:
Open up the “ASP” feature:
Expand the “Session Properties” section:
Change the drop down option for “New ID ON Secure Connection” from “True” to “False”.
Restart the web site to make sure the settings take effect.
