ASP. NET shared ticket

By default, the authentication ticket cookie cannot be shared among multiple servers. Because each server automatically generates its own key, if you want to share the authentication ticket cookie, therefore, the encryption algorithm for the authentication ticket between servers \ The Password Key is required.
Must be in the machine. config or web. config file that requires the shared authentication ticket cookie Server
(LOCATION % WinDir % \ Microsoft. NET \ framework \ {version} \ config)
The statement is as follows:
For example:
<Machinekey validationkey = "encrypt" decryptionkey = "8ff5eeb96e96894e33fdf51218f9587f606285a6fdb95fea" validation = "sha1"/>

Decryptionkey

RequiredStringAttribute. Specifies the key used to encrypt and decrypt data or the process that generates the key. WhenValidationSetTripledesThis attribute is used for Forms authentication encryption and decryption, and view State encryption.

If you addIsolateappsModifier, ASP. NET will use the Application ID of each application to generate a unique encryption key for each application.IsolateappsIt is also part of the default value.

If you need to support configuration in the web server network (Network farm), manually set this attribute to ensure that the configuration is consistent.

This attribute can be one of the following values.

 

Value	Description
Autogenerate	Specify ASP. NET to generate a random key and store it in LSA. This value is the default value. IfDecryptionkeyAdd ValueIsolateappsModifier, ASP. NET will use the Application ID of each application to generate a unique encryption key for each application.
Value	Specify a manually assigned key. This value must be manually set to a hexadecimal string to ensure that the configuration is consistent throughout the network. When des is used for encryption, the key length should be 16 characters; When des (3 DES) is used for encryption, the key length should be 48 characters. If you want to use a key with a length less than the maximum length, you should create these keys in a real random way (for example, by using the rngcryptoserviceprovider class. ASP. NET can use Triple DES only when the computer uses 128-bit encryption. IfDecryptionkeyAdd ValueIsolateappsModifier, ASP. NET will use the Application ID of each application to generate a unique encryption key for each application.

The default value is"Autogenerate, isolateapps".

<Machinekey> element

Configure the keys used to encrypt and decrypt Forms authentication cookie data and view status data, and configure the keys used to verify the non-process session status identity. This section can be declared at the computer, site, or application level, but not at the subdirectory level.

Configuration Structure:

<Configuration>
<System. Web>
<Machinekey>

<machineKey validationKey="AutoGenerate|value[,IsolateApps]" decryptionKey="AutoGenerate|value[,IsolateApps] validation="SHA1|MD5|3DES"/>

Requirements

• Included in:<System. Web>
• Web Platform:IIS 5.0, IIS 5.1, IIS 6.0
• Configuration file:Machine. config, Web. config
• Configuration section handler:System. Web. configuration. machinekeyconfighandler

For details about the machinekey configuration element, see http://msdn2.microsoft.com/zh-cn/library/w8h3skw9 (vs.80). aspx: