0

I have a problem with the identity of users being invalidated whenever the application pool is recycled at my shared host.

I've read that I may be able to solve this by specifying a machine key, instead of it being auto generated, but first I want to test this on my dev machine.

I changed my app pool to recycle every 1 minute and checked the website settings to see that the machine key is auto generated. However, after the pool is recycled, I am still logged in to my site.

What other changes do I need to make?

Thanks, Jules

Jules
  • 4,319
  • 3
  • 44
  • 72
  • How and where are you storing logged-in users' information? The machine-key should have no bearing on how authentication or session-state works. It's possible your shared-host has incorrectly configured their servers. – Dai Jun 07 '14 at 08:51
  • @Dai The machine key has impact on how forms authentication cookies are encrypted though. If he doesnt use session (or uses out of proc session) a reason why a user is getting locked out could be the machine key. Have a look into your local machine's machine.config. Delete the machine key from the config and restart your test – Schadensbegrenzer Jun 07 '14 at 09:01
  • Everything has been left as the default Visual Studio 2013 OWIN/Katana template. – Jules Jun 07 '14 at 09:01

0 Answers0