Web Farm and <machineKey>

K

Kevin Burton

I have a Web Farm and I understand that in order to keep
ViewState safe I want to modify the <machineKey>.

1) The documentation indicates that EnableViewStateMac
defaults to "false" but I am seeing View State corruption
messages (as a result of HttpException). Can the View
State be detected as corrupt without the MAC validation?

2) I see some examples of some keys that I can use for
validation and encryption. Is there a utility that I can
use to generate a key? Yes, I understand that the same key
has to be on each member of the Web farm. I would just
like to generate my own key.

3) Is the default to encrypt and hash or just hash or none?

Thank you.

Kevin
(e-mail address removed)
 
I

Imtiaz Hussain

The purpose of the View State MAC feature is to make it impossible for
clients to send a request containing malicious View State. This feature is
enabled by default, via the enableViewStateMac="true" flag in your
machine.config. The simplest way to determine whether the issue you are
dealing with is related to the MAC is to turn off the feature, by setting
enableViewStateMac="false". If you no longer get View State errors, then
the problem is MAC related.

The viewstate error can be caused due to an underlying exception not being
handled properly.

One of the prominent causes of this error in a web farm environment is the
fact that the validation key is left as AutoGenerate.
In a Web Farm, each client request can go to a different machine on every
postback. Because of this, you cannot leave the validationKey set to
'AutoGenerate' in machine.config. Instead, you must set it to a fixed
string that is shared among all the machines on the Web Farm.


The following article tells you how to create the keys.
313091 HOW TO: Create Keys by Using Visual Basic .NET for Use in Forms
http://support.microsoft.com/?id=313091

Hope this helps.
Imtiaz Hussain.
 
D

Dominick Baier [DevelopMentor]

it is unnecessary to use a 32 bit encryption key with AES - this is not more
secure than 16 bytes but slower...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,479
Members
44,899
Latest member
RodneyMcAu

Latest Threads

Top