Company: Link Technologies
Case No: L13103. Project: 15.60: LinkSOFT Version 15.60
Logged By: Sanjay (Link Technologies) on 30 Jan 2025 01:52PM
Priority: High
Product: Framework
Group: Support
Time Taken: 42.00 (Weight: 40.00)
Assigned To: Development
Circulation: Development, Sanjay
Resolve By: Thursday, 30 January 2025 01:52 PM [22 days since logged date]
Status: Closed
Subject: Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that configuration specifies the same validationKey and validation algorithm
Summary:    

Error Messages

Timestamp: Entered by LinkSOFT-JacksRetail on 29/01/2025 07:57:32AM Module: System.Web|Global.Application.Error ID: 6137885
Log Message: Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster. See http://go.microsoft.com/fwlink/?LinkID=314055 for more information.
Log Data: {"ClassName":"System.Web.HttpException","Message":"Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.\r\n\r\nSee http://go.microsoft.com/fwlink/?LinkID=314055 for more information.","Data":null,"InnerException":{"ClassName":"System.Web.UI.ViewStateException","Message":null,"Data":null,"InnerException":null,"HelpURL":n...
Audit Notes:Edited by sanjay on 17/02/25 14:24. Edited by sanjay on 01/02/25 09:57. 
31 Jan 202504:36PM Comment 1 by Sanjay (Link Technologies) Case L13103 removed from project 15.70
31 Jan 202504:36PM Comment 2 by Sanjay (Link Technologies) Case L13103 added to project 15.60
31 Jan 202505:08PM Comment 3 by Sanjay (Link Technologies) Assigned To: Development Followup Date: 28-02-2025 08:36 PM Time Taken: 12.00
PART A - Development work for this case has been completed.

1. The change will be available in version: 15.60

2. The following changes were made (Include Database object names, Program classes, and any other relevant information):

  1. Add "App.Config" value to determine if the "Machine Key" is "Auto Generated" or "Fixed Value". Default is "Auto.Generate" as this is more secure.
  2. Changed application Machine Keys to "Auto Generate" when application is started. This will fix the keys at each site and change them every month.

3. Affected Areas:

  1. Application Security Framework

4. The issue was caused by:

  1. Improvement

5. Other Relevant Notes
6. Next Step (Review and System Test (Developer) -> UAT (Quality) -> Documentation): UAT


31 Jan 202505:39PM Comment 4 by Sanjay (Link Technologies) Assigned To: Development Followup Date: 04-02-2025 09:36 PM Time Taken: 12.00
The following tests were performed:

Test Setup Instructions:
  1. Standard Demo Environment
Table 1 - Test Results
NoTest CaseExpected ResultPass/FailComments
1Set Application Setting to "<add key="AutoGenerateMachineKey" value="Yes" />"
Machine keys should be: 

<machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps"

  validation="SHA1" decryption="AES" />

Pass

2Set Application Setting to "<add key="AutoGenerateMachineKey" value="No" />"
Machine keys should be something like: 
<machineKey validationKey="d7dd77f4056c6e264efae731248c3932bc77d2c0c81a9f6b9e71af5abfb6ff00"
decryptionKey="bdf5a5faf8eefb8390dc6bdfcd1fba1a3b98cd63538ba45818d92792a8648cdd"
validation="SHA1" decryption="AES" />
Pass

Environment Details

  1. OS version: Win11
  2. Application version: 15.60
  3. Setup on:
    1. Server: LinkQA5
    2. Database: LinkSOFT
    3. LinkSOFT URL: HTTP://LinkQA5/LinkSOFT
  4. Login Details: Standard username and password for user "admin"

Next Step: Closure


01 Feb 202509:54AM Comment 5 by Sanjay (Link Technologies) Assigned To: Development Followup Date: 04-02-2025 01:23 PM Time Taken: 6.00

Changed configuration with the following:

  1. Renamed App Settings to "MachineKeyType" with valid values = AutoGenerateMonthly, AutoGenerateOnRecycle, Manual 
    1. AutoGenerateMonthly = Automatically assign a New key every month (Default)
    2. AutoGenerateOnRecycle = New key every time App.Pool is recycled
    3. Manual = User will manually allocate

01 Feb 202509:57AM Comment 6 by Sanjay (Link Technologies) Assigned To: Development Followup Date: 04-02-2025 01:54 PM Time Taken: 12.00
The following tests were performed:

Test Setup Instructions:
  1. Standard Demo Environment
Table 1 - Test Results
NoTest CaseExpected ResultPass/FailComments
1Set Application Setting to "<add key="MachineKeyType" value="AutoGenerateOnRecycle"/>"
Machine keys should be: 

<machineKey validationKey="AutoGenerate,IsolateApps" 

decryptionKey="AutoGenerate,IsolateAppsvalidation="SHA1" 

decryption="AES" />

Pass

2Set Application Setting to "<add key="MachineKeyType" value="AutoGenerateMonthly"/>"
Machine keys should be something like: 
<machineKey validationKey="d7dd77f4056c6e264efae731248c3932bc77d2c0c81a9f6b9e71af5abfb6ff00"
decryptionKey="bdf5a5faf8eefb8390dc6bdfcd1fba1a3b98cd63538ba45818d92792a8648cdd"
validation="SHA1" decryption="AES" />
Pass

3
Set Application Setting to "<add key="MachineKeyType" value="Manual"/>"
No change to Machine key values
Pass

Environment Details

  1. OS version: Win11
  2. Application version: 15.60
  3. Setup on:
    1. Server: LinkQA5
    2. Database: LinkSOFT
    3. LinkSOFT URL: HTTP://LinkQA5/LinkSOFT
  4. Login Details: Standard username and password for user "admin"

Next Step: Closure


If you have any queries regarding this support incident, please email admin@linktechnologies.com.au and include the Case No: L13103 in the subject line of all emails regarding this issue.

Document size: 27.2 KB
For call complaints, please contact the Managing Director of the company using this form