1

I have 2 servers, load balanced.

MVC app, IIS 7, using webforms authentication.

I've set both machines to have the same machine key, in their web.configs. (copy and paste).

I've double checked that both machines have the same key, by eyeballing them in the IIS interface.

Yet, when the load balancing switches from one server to the other, I'm not logged in when I should be (or not, depending on which server).

What could be going wrong here?

Kiquenet
  • 14,494
  • 35
  • 148
  • 243
Nik
  • 2,718
  • 23
  • 34
  • Look at the Event Log of your servers. Do you see some errors saying that ASP.NET could not decrypt the authentication cookie? – Darin Dimitrov Feb 13 '12 at 21:31
  • See if this relevant http://stackoverflow.com/questions/3855666/adding-machinekey-to-web-config-on-web-farm-sites – Dor Cohen Feb 13 '12 at 21:32
  • One machine was installed fairly recently, while the other is older. Could it be that the asp.net oracle vulnerability is patched on the one, but not on the other, and that would cause them to be different? – Nik Feb 13 '12 at 21:45
  • Yes - that was correct. Once the old machine was patched, it all started working fine. Dor your comment lead me to that result - if you post an answer to that effect I'll accept it? (Is that the protocol in this situation?) – Nik Feb 15 '12 at 22:00

0 Answers0