I've a listView to show list of data. It was all good and suddendly we are receiving the error message below:
Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.Invalid viewstate. Client IP...User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.3) ViewState:
Could anyone please guide me through how to fix this issue. Please note: 1. Our IIS Server is standalone not a farmed.
Update: The ListView has hyperlink to records where uses can click. Thanks heaps.
The best fix to this problem is to avoid using binary serialization. Binary serialization uses many resources even when you do not run into this problem. Instead, limit what you put in view state to a combination of Arrays, Pairs, Triplets, and simple types (for example, strings, int, and other types).
The MAC ensures that the client hasn't tampered with these fields. When EnableViewStateMac is set to true, this code is validated by the server when the client submits the __VIEWSTATE hidden form field during post back. This setting has been enabled (true) by default for all versions of ASP.NET.
It could be that IIS recycled your app and therefore you get new keys for the session/view state. To alleviate this, add a machine static key in the web.config.
Generate a key from http://www.eggheadcafe.com/articles/GenerateMachineKey/GenerateMachineKey.aspx
And place the keys in your web.config example as below
<machineKey
validationKey="56AB7132992003EE87F74AE4D9675D65EED8018D3528C0B8874905B51940DEAF6B85F1D922D19AB8F69781B2326A2F978A064708822FD8C54ED74CADF8592E17"
decryptionKey="A69D80B92A16DFE1698DFE86D4CED630FA56D7C1661C8D05744449889B88E8DC"
validation="SHA1" decryption="AES" />
The <machineKey>
should be put inside <system.web>
section.
I think the problem is Different keys across postback
,so you need to generate new encryption keys.
From Code Project:
There are two keys that ASP.NET uses to encrypt, decrypt, and validate data in ViewState, Forms Authetication tickets, and out-of-process Session data. The decryptionKey is used for encryption and decryption of authentication tickets and encrypted ViewState information. The validationKey is used to validate ViewState and ensure it hasn't been tampered with, and generate unique application-specific session IDs for out-of-process session storage. You can run into problems if the key changes between postbacks.
A good article how to do this here, here, here and here.
In general you need to take some issues in consideration when moving to the production environment.
A good article about this here.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With