I have a series of applications that I have recently been trying to upgrade from running on 4.0.3SP1 to 4.0.5GA. I use form authentication and have noticed an unusual effect.
On 4.0.3SP1 I could use an http POST or GET when accessing a secured web resource from an unsecured resource by an unathenticated user and in both cases the request parameters were available on the login form. I could then use these parameters on the login form page to customise the form.
On 4.0.5GA if I use and http GET then all is as before. However on 4.0.5GA if I use and http POST then the parameters are not forwarded.
Is this a new feature of 4.0.5GA? If so is it possible to turn it off so that POSTs and GETs behave the same?