We have developed a solution where we use BankID as a user authentication mechanism and where all communication are conducted over SSL and where we connects the certificate info to a user in EPiServer. Everything works in the development environment and the user is authenticated and logged in just as expected, but when we apply the solution to our production environment the user is authenticated correctly and the IPrincipal object is returned to EPiServer but when the Respone.Redirect to the url that HandleLogin returns is fired the user is returned to the login page as nothing have happened and the user in the context are back to Anonymous. Has anybody encountered this problem before? Best Regards /Johan