Skip to main content

Application deployed on a web farm - View state validation.

By default, ASP.Net 2.0 encrypts the data in the ViewState with a private key generated on the server. This key is unique to the server. So in a scenario where there is more than one server e.g. in a web farm, each server will generate its own key. This is where the trouble starts.

Consider there are 3 servers A, B and C. Say users first request is served by server A. Now when user posts the data back, say the request is sent to server B. Server B will now try to validate the data in ViewState with its own key. As the key is different to the one with which the data was encrypted, it will fail validation and will raise "Unable to validate data" error. To avoid this, configures MachineKey element in Web.Config for a cohosted website or in Machine.Config for dedicated server. Please see http://msdn2.microsoft.com/en-us/library/ms998288.aspx on how to configure machinekey.

DebugGuru
Labels:

Comments

MilPhilner said…
so, all servers use the same machineKey, right?

what about maintaining state?
22 August 2008 at 15:29
Post a Comment

Popular posts from this blog

How to detect HTML5 support for a browser?

HTML5 has introduced lots of new cool  tags . Not all the browsers support all tags and also the implementation of these tags may be different for each browser. HTML5 specification defines the functional aspects of these tags and not the implementation. Also the general concensus is that by 2022 all browsers will support all new features of HTML5. Of all the modern browsers, Chrome seems to have implemented most, if not all, featutes of HTML5. IE9 supports few. Firefox sits in between. So as a developer how do you make use of the cool HTML5 features without causing any compatibility issues with existing browsers? Traditionally developers have used User Agent to detect browser type and use the features accordingly. However these days, you can easily change a User Agent by using addons in your browser. So you need a more robust way to detect the features supported by the browser as the same engine of two different versions of a browser mig...
Post a Comment
Read more

Searching Unicode characters in Oracle table

Oracle implementation of Regular expression has no support for using hexadecimal code to search for Unicode characters. The only way to search for Unicode character is it use the character itself. Normally with Regular expression, you can use \x or \u followed by hexadecimal code to search for any character. E.g. \x20 will match space. But REGEXP_LIKE in Oracle does not support \x. You need to use unistr function to convert the code to equivalent character and then use it with REGEXP_LIKE. E.g. REGEXP_LIKE(source,'[' ||unistr('\0020')|| ']');
Post a Comment
Read more

System.Configuration in .Net Framework 2 onwards

Often application need custom configuration section. System.Configuration namespace includes classes for reading and writing configuration settings. There is a slight difference in how you use this namespace depending on the Framework version you are using Prior to .Net Framework 2.0, the .Net Framework included System.Configuration namespace, but that version of the namespace is now outdated. If you simply add the System.configuration namespace to your project (using in C#), your application references the outdated namespace. To refer to the updated namespace, follow these steps 1. In VS, open the project that requires System.Configuration namespace. 2. Click on the Project menu and then click Add Reference 3. On the .Net tab, Select System.Configuration as shown in following figure, and click OK 4. Now add the System.Configuration namespace to your project normally using Imports (in VB) or using (in C#) and your application will reference the correct version of the namespa...
Post a Comment
Read more