Uses for MachineKey in ASP.NET

StackOverflow https://stackoverflow.com/questions/550210

Question

What different ways are Machine Keys useful in asp.net? I think the following are correct but thought there may be more.

  1. Multiple applications can use the same cookie
  2. Multiple servers can work with the same viewstate
Was it helpful?

Solution

MachineKey is used for:

  • ViewState encryption and validation
  • Forms Authentication (or Federated Authentication) uses this key for signing the authentication ticket

Having a Web App installed on multiple servers requires same Machine Key configured on all of them in order for Load Balancing to work.

To see all details, please refer to: MSDN How To: Configure MachineKey in ASP.NET 2.0

OTHER TIPS

Machine key is also used to encrypt/decrypt the webresources.axd parameters.

Even on a single server the machine key should be configured, because any recycle of the app domain will generate a new key when it is set to auto. This causes the next postback just for pages rendered before the recycle, to cause a viewstate validation error, and also issues with the resources during that time.

Encryption - very common.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top