Validation Of Viewstate MAC failed

Question

0.00/5 (No votes)

See more:

Hi All,

I am getting bellow error some times while running the application at production server. When running the same application at test server it working fine.

Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machinekey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.</machinekey>

I have found this while googling. it is using the following in the web.config of
website: enableViewStateMac="false" viewStateEncryptionMode="Never" enableEventValidation="false"

Is there any other way to fix this. Is there something in IIS or the web.config I can set to stop this message randomly coming up?

Posted 31-Jul-11 23:46pm

Jeevanrao

Updated 31-Jul-11 23:55pm

Toniyo Jackson

v2

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Shameel · Answer 1 · 2011-08-01T01:21:00

If it is a webfarm with dynamic load balancing, you may see this error. Basically what is happening is, a server is serving the request for a page and the page is posted back to a different server. The two servers use different keys to encrypt the viewstate information. The server that receives the postback request tries to decrypt the viewstate with its key which is different from the key it as encrypted. To fix this issue, you have to use the same key across all servers in your webfarm.
You can set this either in machine.config or your web.config. But it has to be the same across all servers.

HTML

<machinekey validationkey="<encryptionkey>" decryptionkey="<decryptionkey>" validation="SHA1" decryption="Auto" />

You can use this C# function to generate the keys:

C#

public static string CreateMachineKey(int length)
		{
			// Create a byte array.
			byte[] random = new byte[length/2];
			// Create a cryptographically strong random number generator.
			System.Security.Cryptography.RNGCryptoServiceProvider rng = new System.Security.Cryptography.RNGCryptoServiceProvider();
			
			// Fill the byte array with random bytes.
			rng.GetBytes(random);
			
			// Create a StringBuilder to hold the result once it is
			// converted to hexadecimal format.
			System.Text.StringBuilder machineKey = new System.Text.StringBuilder(length);
			// Loop through the random byte array and append each value
			// to the StringBuilder.
			for (int i = 0; i < random.Length; i++)
			{
				machineKey.Append(String.Format("{0:X2}", random[i]));
			}
			return machineKey.ToString();
		}

The encryption key length can be between 40 and 128 and the decryption key lengh can be either 16 or 48. The recommended lengths are 128 for the encryption key and 48 for the decryption key.