mono on Linux returns different set of cookies

Question

I have an MVC site running on mono 2.10.8.1 on apache2 undo ubuntu. I have a service that checks credentials and set cookies if all good. In windows i have no problem and got only one cookie: .ASPXAUTH. However when i deploy to linux server, it sets two cookies ASP.NET_SessionId and .MONOAUTH.

My question is why it is two cookies in linux and one in windows, and how can i get rid of ASP.NET_SessionId cookie?

I'm setting cookie like this:

    Response.AppendCookie(BuildAuthenticationCookie(login, data));

    public static HttpCookie BuildAuthenticationCookie(string login, string ticketData)
    {
        var authTicket = new FormsAuthenticationTicket(2, login, DateTime.Now,
            DateTime.Now.AddMinutes(500), false, ticketData);
        var authCookie = new HttpCookie( FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(authTicket))
        {
            HttpOnly = true,
            Secure = SiteSettings.CookiesSslOnly,
            Expires = DateTime.Now.AddMinutes(SiteSettings.AuthCookieExpirationTime)
        };
        return authCookie;
    }

Answer 1

I think there is nothing wrong with Mono. In fact, the two cookies you mention - ASP.NET_SessionId and .MONOAUTH are the Session and Forms Authorization cookies, which really are different.
To get rid of the ASP.NET_SessionId, you can either not use Sessions at all or have cookieless sessions (<sessionSate> on MSDN).

Note: You should also get two cookies on Windows. If not, it probably means that you didn't hit any MVC Actions that set some value in the SessionState. If you manage to find such an Action, you will get two cookies on Windows as well.