473,326 Members | 2,255 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

machineKey

my web servers had .NET 1.1 on them and today we installed .NET 2.0 to deploy
a few new applications. After running aspnet_resiis.exe -i under the 2.0
framework directory all my single signon 1.1 applications no longer work. In
the past on each server I used something like<machineKey
validationKey='015E14DCCF38E2FC11B2D3DB0787A64F45E 807EDACC57BFBD71DF64E5CFB20EBD5720F037FA549342B6A9 351A125C2FF0C2A2A7EFC3F5B531BAF567BDF16B829'
decryptionKey='2EF72A2E32B936EFD2225A3B85DB1E0AF5F E8D1DC8396174'
validation='SHA1'/>

This allowed for each server and each application to use the same key.
Where do I set this in .NET 2.0? I could not see the option in the
machine.config. I am guessing once all applications can see the machineKey
values single sigon will work again across servers and applications. I hope
that a single config setting can resolve this issue as we cannot convert all
of our applications to 2.0
Jan 20 '06 #1
5 6326
Dear Customer,

From you description, I understand that after running "aspnet_resiis.exe
-i" under the .NET framework 2.0 directory, all your .NET 1.1 applications
do not work with the Single Sign-on feature any more.

If I misunderstood, please feel free to let me know.

Based on my research, in .NET 1.1, there is a machineKey element in the
machine.config file to set the validation Key.
In .NET 2.0, the following default machineKey element is not explicitly
configured in the Machine.config file or in the root Web.config file.
However, it is the default configuration that is returned by application.
<machineKey
validationKey="AutoGenerate,IsolateApps"
decryptionKey="AutoGenerate,IsolateApps"
validation="SHA1"
decryption="Auto"
/>

machineKey Element (ASP.NET Settings Schema)
http://msdn2.microsoft.com/en-us/library/w8h3skw9.aspx

If we want the web applications which are running on both .NET 1.1 and .NET
2.0 to support the Single Sign-on feature, we may try to set both .NET 1.1
and .NET 2.0 machine.config files. We need to make sure the machineKey
element in the machine.config files are of the same value.

If you still have any concern, please feel free to let me know.

Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

Jan 23 '06 #2
Since the machineKey as you mentioned is not explictly configured, where
should I place it in the machine.config? Do I just need to place the entry
as you gave me into the machine.config? I would need to set the key, and I
think I read that decryption needed to be 3DES for 1.1 to work as well if I
had my login app with .NET 2.0?

""Peter Huang" [MSFT]" wrote:
Dear Customer,

From you description, I understand that after running "aspnet_resiis.exe
-i" under the .NET framework 2.0 directory, all your .NET 1.1 applications
do not work with the Single Sign-on feature any more.

If I misunderstood, please feel free to let me know.

Based on my research, in .NET 1.1, there is a machineKey element in the
machine.config file to set the validation Key.
In .NET 2.0, the following default machineKey element is not explicitly
configured in the Machine.config file or in the root Web.config file.
However, it is the default configuration that is returned by application.
<machineKey
validationKey="AutoGenerate,IsolateApps"
decryptionKey="AutoGenerate,IsolateApps"
validation="SHA1"
decryption="Auto"
/>

machineKey Element (ASP.NET Settings Schema)
http://msdn2.microsoft.com/en-us/library/w8h3skw9.aspx

If we want the web applications which are running on both .NET 1.1 and .NET
2.0 to support the Single Sign-on feature, we may try to set both .NET 1.1
and .NET 2.0 machine.config files. We need to make sure the machineKey
element in the machine.config files are of the same value.

If you still have any concern, please feel free to let me know.

Best regards,

Peter Huang
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

Jan 23 '06 #3
Hi Nt32msngns,

For ASP.NET 2.0/.net 2.0, we can still configure the <machinekey> in
machine.config or web.config file. Yes, as you've seen, the default setting
is not explicitly set in .net 2.0's machine.config, however, this dosn't
means that we can not set it, it is because .net 2.0 maintain the default
setting internally, if you want to override them with your own setting,
just feel free to add the <machineKey> element and configure your own
setting. You can view the MSDN documenation on the .NET 2.0 <machineKey>
setting.... , it remains mostly with from 1.1 setting....

#machineKey Element (ASP.NET Settings Schema)
http://msdn2.microsoft.com/en-us/library/w8h3skw9.aspx

Also ,here is a msdn article mentioned how to configure machinekey in
asp.net 2.0....

#How To: Configure MachineKey in ASP.NET 2.0
http://msdn.microsoft.com/library/en...7.asp?frame=tr
ue

BTW, are your asp.net applications currently recompiled(upgrated) to
asp.net 2.0, or just some of them are upgraded(or none of them is upgrated,
still remain 1.1)? If still remain 1.1, we should configure the IIS back
to ASP.NET 1.1 and run them under 1.1

Thanks & Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

--------------------
| Thread-Topic: machineKey
| thread-index: AcYgGvhVkTGW27qPRZmXxDZwBpWYGg==
| X-WBNR-Posting-Host: 12.208.39.77
| From: "=?Utf-8?B?Tmljaw==?=" <nt********@online.nospam>
| References: <8C**********************************@microsoft.co m>
<8Q**************@TK2MSFTNGXA02.phx.gbl>
| Subject: RE: machineKey
| Date: Mon, 23 Jan 2006 04:46:03 -0800
| Lines: 47
| Message-ID: <7C**********************************@microsoft.co m>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.dotnet.general
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.dotnet.general:186912
| X-Tomcat-NG: microsoft.public.dotnet.general
|
| Since the machineKey as you mentioned is not explictly configured, where
| should I place it in the machine.config? Do I just need to place the
entry
| as you gave me into the machine.config? I would need to set the key, and
I
| think I read that decryption needed to be 3DES for 1.1 to work as well if
I
| had my login app with .NET 2.0?
|
| ""Peter Huang" [MSFT]" wrote:
|
| > Dear Customer,
| >
| > From you description, I understand that after running
"aspnet_resiis.exe
| > -i" under the .NET framework 2.0 directory, all your .NET 1.1
applications
| > do not work with the Single Sign-on feature any more.
| >
| > If I misunderstood, please feel free to let me know.
| >
| > Based on my research, in .NET 1.1, there is a machineKey element in the
| > machine.config file to set the validation Key.
| > In .NET 2.0, the following default machineKey element is not
explicitly
| > configured in the Machine.config file or in the root Web.config file.
| > However, it is the default configuration that is returned by
application.
| > <machineKey
| > validationKey="AutoGenerate,IsolateApps"
| > decryptionKey="AutoGenerate,IsolateApps"
| > validation="SHA1"
| > decryption="Auto"
| > />
| >
| > machineKey Element (ASP.NET Settings Schema)
| > http://msdn2.microsoft.com/en-us/library/w8h3skw9.aspx
| >
| > If we want the web applications which are running on both .NET 1.1 and
NET
| > 2.0 to support the Single Sign-on feature, we may try to set both .NET
1.1
| > and .NET 2.0 machine.config files. We need to make sure the machineKey
| > element in the machine.config files are of the same value.
| >
| > If you still have any concern, please feel free to let me know.
| >
| > Best regards,
| >
| > Peter Huang
| > Microsoft Online Partner Support
| >
| > Get Secure! - www.microsoft.com/security
| > This posting is provided "AS IS" with no warranties, and confers no
rights.
| >
| >
|

Jan 24 '06 #4
By addeing the machineKey element , all programs started working again. I
have some using 1.1 and others have been upgraded to 2.0.
Jan 24 '06 #5
That's good. Thanks for your followup.

Regards,,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

--------------------
| Thread-Topic: machineKey
| thread-index: AcYg9BDGGIL8WnrKRAOiaNtrv5KVuw==
| X-WBNR-Posting-Host: 12.208.39.77
| From: "=?Utf-8?B?Tmljaw==?=" <nt********@online.nospam>
| References: <8C**********************************@microsoft.co m>
<8Q**************@TK2MSFTNGXA02.phx.gbl>
<7C**********************************@microsoft.co m>
<W7*************@TK2MSFTNGXA02.phx.gbl>
| Subject: RE: machineKey
| Date: Tue, 24 Jan 2006 06:40:05 -0800
| Lines: 2
| Message-ID: <98**********************************@microsoft.co m>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.dotnet.general
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGXA03.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.dotnet.general:187041
| X-Tomcat-NG: microsoft.public.dotnet.general
|
| By addeing the machineKey element , all programs started working again.
I
| have some using 1.1 and others have been upgraded to 2.0.
|

Jan 25 '06 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: dgermano | last post by:
I need some info to make sure I avoid problems with my webfarms. Currently I'm running 3 separate sites, each with their own webfarm of 2-3 webservers. All of these sites are using the same...
2
by: Zoe Hart | last post by:
In an effort to address ViewState invalid errors, I want to set the machineKey element in web.config on my two web servers. (The load balancer should be keeping a client on a single web server...
3
by: TK | last post by:
How can I get my unique key values for the "validationkey" and "decryptionkey" attributes in a <machineKey> element in my web.config? Is there any tools I can use for? Any input would be highly...
4
by: STech | last post by:
Are there any built in ways to read the MachineKey attributes from the machine.config? Thanks.
7
by: Ron | last post by:
Error Message:Unable to validate data. Stack Trace: at System.Web.Configuration.MachineKey.GetDecodedData(Byte buf, Byte modifier, Int32 start, Int32 length, Int32& dataLength) at...
0
by: Komil | last post by:
Hey Guys, We are using a webfarm environment to host our current site. There are three machine involved in this webfarm. I have copied the same machinekey information that was generated from...
1
by: Dhruba Bandopadhyay | last post by:
Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm....
1
by: Jeff | last post by:
Hey ASP.NET 2.0 I'm developing a web portal and are about to move the development environment to a different computer. I wonder if I have to change the machineKey because I changed developed...
0
by: archana | last post by:
Hi all, can anyone tell me use of machinekey in machine.config file. I am developing one windows service and i am trying to use state service to store session data. I am not clear about its...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.