V
Vijay Chikte
Hi Experts,
With Session Affinity and Web Server Farm on ISA Server 2006 accessing 2
backend IIS servers, I’m getting error “Validation of ViewState MAC failed.
If this application is hosted by a Web Farm or cluster, ensure that
<machineKey> configuration specifies the same validationKey and validation
algorithm. AutoGenerate cannot be used in a clusterâ€.
Here is the scenario when I got the error.
1. ASP.Net web application is installed on 2 backend IIS Servers. Web
application consists of a simple login page which contains UserName, Password
fields and Submit button.
2. Web farm is created on ISA Server 2006 to access both backend IIS Servers.
3. All the requests to the backend IIS servers go through the ISA 2006
firewall.
4. While creating Web Publishing Rule to access Web application folder from
backend IIS Servers, Session Affinity is used for Load Balancing so that the
requests from the same session should go to the same IIS server.
5. When I tried to access login page simultaneously from multiple browsers,
after submitting the form on web page simultaneously from different browsers,
it gave error “Validation of ViewState MAC failed†in some of the browsers.
6. I got the error only when I used HTTP protocol. When the same setup was
done for HTTPS, I did not get error and all the requests were routed to
different backend IIS Servers as expected.
I searched on net for help, in some of the resources, it is mentioned that
<machineKey> element set in Web.config file is used for encrypting and
MAC-checking on the ViewState and if the encryption settings are different on
different servers, ASP.Net consider the ViewState as modified and gives the
exception. So, it is suggested to use the same <machineKey> on all the
backend servers in case of servers on Web farm. I tried using the same
<machineKey> on backend IIS Servers and the error was gone.
When we are using Session Affinity to create Web Publishing Rule which uses
Web Farm to handle both backend IIS Servers, why do we need same
<machineKey>? I want to understand the reason behind the error and why the
error occurs only on HTTP and not on HTTPS?
I would appreciate your quick response.
Thank you in advance.
Vijay
With Session Affinity and Web Server Farm on ISA Server 2006 accessing 2
backend IIS servers, I’m getting error “Validation of ViewState MAC failed.
If this application is hosted by a Web Farm or cluster, ensure that
<machineKey> configuration specifies the same validationKey and validation
algorithm. AutoGenerate cannot be used in a clusterâ€.
Here is the scenario when I got the error.
1. ASP.Net web application is installed on 2 backend IIS Servers. Web
application consists of a simple login page which contains UserName, Password
fields and Submit button.
2. Web farm is created on ISA Server 2006 to access both backend IIS Servers.
3. All the requests to the backend IIS servers go through the ISA 2006
firewall.
4. While creating Web Publishing Rule to access Web application folder from
backend IIS Servers, Session Affinity is used for Load Balancing so that the
requests from the same session should go to the same IIS server.
5. When I tried to access login page simultaneously from multiple browsers,
after submitting the form on web page simultaneously from different browsers,
it gave error “Validation of ViewState MAC failed†in some of the browsers.
6. I got the error only when I used HTTP protocol. When the same setup was
done for HTTPS, I did not get error and all the requests were routed to
different backend IIS Servers as expected.
I searched on net for help, in some of the resources, it is mentioned that
<machineKey> element set in Web.config file is used for encrypting and
MAC-checking on the ViewState and if the encryption settings are different on
different servers, ASP.Net consider the ViewState as modified and gives the
exception. So, it is suggested to use the same <machineKey> on all the
backend servers in case of servers on Web farm. I tried using the same
<machineKey> on backend IIS Servers and the error was gone.
When we are using Session Affinity to create Web Publishing Rule which uses
Web Farm to handle both backend IIS Servers, why do we need same
<machineKey>? I want to understand the reason behind the error and why the
error occurs only on HTTP and not on HTTPS?
I would appreciate your quick response.
Thank you in advance.
Vijay