ASP. NET shared ticket

Source: Internet
Author: User
Tags sha1
By default, the authentication ticket cookie cannot be shared among multiple servers. Because each server automatically generates its own key, if you want to share the authentication ticket cookie, therefore, the encryption algorithm for the authentication ticket between servers \ The Password Key is required.
Must be in the machine. config or web. config file that requires the shared authentication ticket cookie Server
(LOCATION % WinDir % \ Microsoft. NET \ framework \ {version} \ config)
The statement is as follows:
For example:
<Machinekey validationkey = "encrypt" decryptionkey = "8ff5eeb96e96894e33fdf51218f9587f606285a6fdb95fea" validation = "sha1"/>

Decryptionkey

RequiredStringAttribute. Specifies the key used to encrypt and decrypt data or the process that generates the key. WhenValidationSetTripledesThis attribute is used for Forms authentication encryption and decryption, and view State encryption.

If you addIsolateappsModifier, ASP. NET will use the Application ID of each application to generate a unique encryption key for each application.IsolateappsIt is also part of the default value.

If you need to support configuration in the web server network (Network farm), manually set this attribute to ensure that the configuration is consistent.

This attribute can be one of the following values.

 
Value Description

Autogenerate

Specify ASP. NET to generate a random key and store it in LSA. This value is the default value. IfDecryptionkeyAdd ValueIsolateappsModifier, ASP. NET will use the Application ID of each application to generate a unique encryption key for each application.

Value

Specify a manually assigned key. This value must be manually set to a hexadecimal string to ensure that the configuration is consistent throughout the network. When des is used for encryption, the key length should be 16 characters; When des (3 DES) is used for encryption, the key length should be 48 characters. If you want to use a key with a length less than the maximum length, you should create these keys in a real random way (for example, by using the rngcryptoserviceprovider class. ASP. NET can use Triple DES only when the computer uses 128-bit encryption. IfDecryptionkeyAdd ValueIsolateappsModifier, ASP. NET will use the Application ID of each application to generate a unique encryption key for each application.

The default value is"Autogenerate, isolateapps".

<Machinekey> element

Configure the keys used to encrypt and decrypt Forms authentication cookie data and view status data, and configure the keys used to verify the non-process session status identity. This section can be declared at the computer, site, or application level, but not at the subdirectory level.

Configuration Structure:

<Configuration>
<System. Web>
<Machinekey>

<machineKey validationKey="AutoGenerate|value[,IsolateApps]" decryptionKey="AutoGenerate|value[,IsolateApps] validation="SHA1|MD5|3DES"/>
Requirements
  • Included in:<System. Web>
  • Web Platform:IIS 5.0, IIS 5.1, IIS 6.0
  • Configuration file:Machine. config, Web. config
  • Configuration section handler:System. Web. configuration. machinekeyconfighandler

For details about the machinekey configuration element, see http://msdn2.microsoft.com/zh-cn/library/w8h3skw9 (vs.80). aspx:

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.