Last post Aug 14, 2011 01:31 PM by Gaucho
Aug 12, 2011 04:54 PM|Gaucho|LINK
Greetings - users are able to login and logout of my site normally, most of the time. However, too often users are "kicked out" and directed back to the login screen for no particular reason that I've been able to detect. This seems to happen during page
loads. There doesn't seem to be a pattern. At first, users saw the dreaded "Validation of viewstate MAC failed" error, but I think I've been able to eliminate this error. Now I just see random "automatic" (but unwanted) logoffs. Here is the authentication
portion of my web.config. Any ideas? Thanks.
Aug 14, 2011 05:40 AM|muhcis|LINK
can u try to increase the time out set it to 2280
Aug 14, 2011 05:57 AM|hans_v|LINK
The authentication cookie is encrypted/decrypted using the machine key in your web.config. If you didn't specify one, ASP.NET will generate one for you. So far so good, but when the ASP.NET process recycles, ASP.NET will generate a new one for you. When
this happens between two postbacks of the same user, the authentication cookie was encrypted using the first machine key, but when the user postbacks after the ASP/NET worker process has recycled and a new machine key was generated, the authentication ticket
cannot be decrypted anymore (so it can't be read anymore) and the users will be redirected to the login page.
The solution is very simple, just add a machine key to your web.config, so the same machine key is used on all postbacks....
Aug 14, 2011 01:31 PM|Gaucho|LINK
Thanks for the detailed information. I'll give it a shot later tonight when I have a chance, and post the results. I appreciate being led in the right direction!