I've got an ASP.NET 2.0 Web site using Forms Authentication on top of custom Membership and Role providers. Impersionation is not used.
The setup works without a problem if I don't use SSL on IIS.
With SSL, calling .IsInRole(...) function always returns false. Since this happens only with SSL, it is very hard to debug - I used logging to find that the function, which returns the user's roles of my RoleProvider never gets called, when the site is running under SSL.
I've checked and confirmed in log that at runtime current Role and Membership providers are set to my custom ones properly.
I have a feeling the issue is related to ASP.NET behind-the-scenes caching of roles.
Does anyone have a suggestion, how to tackle the problem? Is there a way to force the membership/roles infrastructure to force read the roles? Or can I somehow fill the cache manually after login?
(Or is the problem not related to caching but something else?)