FormsAuthentication.Decryption problem

  • Thread starter Thread starter Rodrigo m. Ferreira
  • Start date Start date
R

Rodrigo m. Ferreira

Can you help me to solve the following problem?


on my loggin page I have the code:

protected void LoginButton_Click(object sender, EventArgs e)
{
if(Membership.ValidateUser(TXTUsuario.Text, TXTSenha.Text))

{

if (CBLembra.Checked)
{
FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket(1,TXTUsuario.Text,
DateTime.Now,DateTime.Now.AddDays(7),true,"CookieUsuario") ;
HttpCookie OuttaBiscoito = new
HttpCookie("OuttaBiscoito");
OuttaBiscoito.Value =
System.Web.Security.FormsAuthentication.Encrypt(ticket);
OuttaBiscoito.Expires = DateTime.Now.AddDays(7);
Response.Cookies.Add(OuttaBiscoito);



}
else
{
Response.Cookies.Remove("OuttaBiscoito");
}

FormsAuthentication.RedirectFromLoginPage(TXTUsuario.Text,
false );

}

on my Global.asax:

protected void Session_Start(object sender, EventArgs e)
{

HttpCookie OuttaBiscoito = Request.Cookies["OuttaBiscoito"];
if (OuttaBiscoito != null)
{
FormsAuthenticationTicket ticket =
FormsAuthentication.Decrypt(OuttaBiscoito.Value);
FormsAuthentication.SetAuthCookie(ticket.Name,
false, ticket.CookiePath);
FormsAuthenticationTicket ticket2 = new
FormsAuthenticationTicket(1, ticket.Name, DateTime.Now,
DateTime.Now.AddDays(7), true, "CookieUsuario");
OuttaBiscoito.Value =
FormsAuthentication.Encrypt(ticket2);
OuttaBiscoito.Expires = DateTime.Now.AddDays(7);
Response.Cookies.Add(OuttaBiscoito);
}
}

If i loggin and exit browser when i acess again it goes OK, but only in a
few minutes. If i exit the browser and wait about half an hour to acess, the
following error is showed:



Server Error in '/outtacom' Application.
--------------------------------------------------------------------------------

Padding is invalid and cannot be removed.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicException:
Padding is invalid and cannot be removed.

Source Error:

An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can
be identified using the exception stack trace below.

Stack Trace:


[CryptographicException: Padding is invalid and cannot be removed.]
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer,
Int32 outputOffset, PaddingMode paddingMode, Boolean fLast) +1545747
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[]
inputBuffer, Int32 inputOffset, Int32 inputCount) +257
System.Security.Cryptography.CryptoStream.FlushFinalBlock() +30
System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean
fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean
useValidationSymAlgo) +164
System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
+242
AdminSite.Global.Session_Start(Object sender, EventArgs e) in
Global.asax.cs:29
System.Web.SessionState.SessionStateModule.RaiseOnStart(EventArgs e)
+2221855
System.Web.SessionState.SessionStateModule.CompleteAcquireState() +159
System.Web.SessionState.SessionStateModule.BeginAcquireState(Object
source, EventArgs e, AsyncCallback cb, Object extraData) +518
System.Web.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
+90
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously) +161
 
Back
Top