We are implementing a load balancer for our web site for redundancy purposes so if website 1 goes down, the load balancer will send all traffic to server 2 and vice versa.

I have implemented a machineKey that I generated in the web.config, but in doing so have broken my membership logins.

From what I've read, the provider should default to "hash" unless I have the provider set to "encrypted" and this shouldn't have affected my login, but it has. I can't seem to log in anymore, receiving an invalid password error.

Here is my relevant web.config code:

<machineKey
    validationKey="A181A9E1960ABFC9DF3F2D8AAC8597FFDCA69A87591B5D89D0A539A21AC543022680DFBF181BACC37533D15FCA59A0E4E1A2AA748A268FFED48AAFED00C8BA7A"
    decryptionKey="7366076C8BE16F2DA3AF9642071A136E5D8386ECA7659347560063474AFF61BB"
    validation="SHA1"
    decryption="AES" />
<membership defaultProvider="DefaultMembershipProvider">
    <providers>
        <add name="DefaultMembershipProvider"
            type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
            connectionStringName="ClientRunner"
            enablePasswordRetrieval="false"
            enablePasswordReset="true"
            requiresQuestionAndAnswer="false"
            requiresUniqueEmail="false"
            maxInvalidPasswordAttempts="5"
            minRequiredPasswordLength="6"
            minRequiredNonalphanumericCharacters="0"
            passwordAttemptWindow="10"
            applicationName="/" />
    </providers>
</membership>

What am I doing wrong here?

Scottie

1 Answer

I'm not exactly sure why this worked for me, but what I ended up doing was to modify my web.config like so:

<membership defaultProvider="DefaultMembershipProvider" 
    hashAlgorithmType="HMACSHA256">

and

<machineKey
    validationKey="50E5BFCB171748F86DA392AC55D5217EDEFCE43C9B6D192C5265D8F0CDDC86CECBA42040C408B7B71EAD6A4CE669545AAFDE76BBA42CA44203223A7ADC442D1E"
    decryptionKey="EE9C03B1D922639AB7BA3C00E8C993BD8F6D27635B07979DF09F8C174C91CA65"
    validation="MD5" decryption="Auto" />

The existing membership info seems to be allowing me to sign in now.

Scottie
  • Friendly reminder: don't paste your real 'machineKey' into public sites like this. You should generate a new one. – Levi Feb 19 '14 at 03:03
  • Please help me, I could not find the answer for three days for this problem: The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster. – Ace Supriatna Jul 04 '14 at 16:17
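
The thread turns on three settings that have to agree across load-balanced nodes: explicit machineKey values, the machineKey algorithms, and the membership hashAlgorithmType. The following consistency check is an added example, not code from the question or answer; the function names, node names and sample configs are constructed for illustration and the key values are placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed sample configs for two farm nodes; key values are placeholders.
NODE_A = """<configuration><system.web>
  <machineKey validationKey="PLACEHOLDER_VALIDATION_KEY" decryptionKey="PLACEHOLDER_DECRYPTION_KEY"
              validation="HMACSHA256" decryption="AES" />
  <membership defaultProvider="DefaultMembershipProvider" hashAlgorithmType="HMACSHA256" />
</system.web></configuration>"""

NODE_B = """<configuration><system.web>
  <machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="PLACEHOLDER_DECRYPTION_KEY"
              validation="MD5" decryption="Auto" />
  <membership defaultProvider="DefaultMembershipProvider" />
</system.web></configuration>"""

KEY_ATTRS = ("validationKey", "decryptionKey", "validation", "decryption")

def read_settings(config_xml):
    """Return the machineKey attributes and the membership hashAlgorithmType."""
    root = ET.fromstring(config_xml)
    mk = next(root.iter("machineKey"), None)
    mem = next(root.iter("membership"), None)
    settings = {a: (mk.get(a) if mk is not None else None) for a in KEY_ATTRS}
    settings["hashAlgorithmType"] = mem.get("hashAlgorithmType") if mem is not None else None
    return settings

def audit_farm(configs):
    """configs: {node name: web.config text}. Returns a sorted list of findings."""
    parsed = {name: read_settings(text) for name, text in configs.items()}
    findings = []
    for name, s in parsed.items():
        for attr in ("validationKey", "decryptionKey"):
            value = s[attr]
            if value is None or "autogenerate" in value.lower():
                findings.append(f"{name}: {attr} is not an explicit key")
        if s["hashAlgorithmType"] is None:
            findings.append(f"{name}: membership hashAlgorithmType is not set explicitly")
        if (s["validation"] or "").upper() == "MD5":
            findings.append(f"{name}: machineKey validation uses MD5")
    for attr in KEY_ATTRS + ("hashAlgorithmType",):  # every node must agree on these
        if len({s[attr] for s in parsed.values()}) > 1:
            findings.append(f"farm: {attr} differs between nodes")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_farm({"web1": NODE_A, "web2": NODE_B}):
        print(finding)
```

The findings name only the attribute that differs, never the key material, so the output can be pasted into a ticket or chat.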