Menu
We have a long-lived ASP.NET 3.5 application we are moving from a physical server running Windows 2005+IIS 6 to a virtual one running Windows 2008+IIS7. The new machine will assume the identify of the old one - IP's, DNS, etc.
Our clients keep our site up for hours - sometimes even days. My fear is that when we make this switch-over, suddenly all thier viewstates will fail to validate because the MachineKey will have changed.
Is this kind of disruption avoidable? Can I 'set' the new server's machineKey to be the same as the one in use now? I think it is autogenerated - can I find out what it is?
Or, is this even worth it - is this a suck-it-up situation where users shouldn't expect to be able to hit a website for that long?
472
<system.web>
<machineKey validationKey="Generate on your own" decryptionKey="Generate on your own" validation="3DES"/>
</system.web>
You are correct, moving will invalidate all Authorization Cookies. I believe, unless you have viewstate encryption turned on, viewstate will be fine.
If you add the machinekey attribute, then it doesn't matter where the site is hosted, as long as that machine key is the same, encryption and decryption will be fine. Additionally, you will need to/should use this if your site is hosted in a load balanced environment.
msdn.microsoft.com/en-us/library/ms998288.aspx
142
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
