Forms Authen, Decrypt Error & Clustered Servers

U

UnholyWa

New Member
Hey Guys,<BR><BR>We have a client who is running a clustered server set up and they have a login form which is using .net forms authentication. What they're doing is hosting the site off of one server while working on updates on the other and then when they are done with the updates they switch the live site to the updated server and work on the other. <BR><BR>The login on this site has an option to save the login information so the user is automatically logged in, this works fine for the most part. The error occurs when they switch from the first server to the second. All the people who were previously permanently authenticated for server 1 are getting a CryptographicException Bad Data error in the global.aspx.vb file. Here is the code causing the error:<BR><BR> Public Sub FormsAuthentication_OnAuthenticate(ByVal sender As Object, ByVal e As FormsAuthenticationEventArgs)<BR><BR> ' Only set a user's roles after the user has been authenticated<BR> Dim cookie As HttpCookie = e.Context.Request.Cookies(FormsAuthentication.Form sCookieName)<BR> If Not cookie Is Nothing Then<BR> ' Get the cookie & make sure it's still good<BR>---- ERROR -----> Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt(cookie.Value)<BR> If Not ticket.Expired Then<BR><BR> Dim username As String = ticket.Name<BR><BR><BR> Dim usr As New YeoUtils.User(username)<BR> Dim ds As DataSet = usr.GetRoles()<BR> Dim ary As New ArrayList()<BR> Dim myRow As DataRow<BR> For Each myRow In ds.Tables(0).Rows<BR> ary.Add(myRow("u_name"))<BR> Next myRow<BR><BR> Dim roles() As String<BR> roles = ary.ToArray(username.GetType)<BR><BR> ' And finally replace the User object with your custom one.<BR> Dim id As New GenericIdentity(username)<BR> e.User = New GenericPrincipal(id, roles)<BR> End If<BR> End If<BR> End Sub<BR><BR>And here is the code setting the cookie in the first place:<BR><BR> Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click<BR><BR> If memberId.Text = "" Then Exit Sub<BR><BR> If Authenticate() Then<BR> FormsAuthentication.SetAuthCookie(memberId.Text, persistForms.Checked)<BR> Response.Redirect(ConfigurationSettings.AppSetting s("PublicLoginDest"))<BR> Else<BR> 'This forces a relogin since there was no cookie set.<BR> Response.Redirect(ConfigurationSettings.AppSetting s("PublicLoginDest"))<BR> End If<BR><BR> End Sub<BR><BR>So any ideas? To recap, everything works great with authentication until they switch to the other server at which time all previously authenticated users get this Bad Data encryption error as soon as the global.asax file loads.<BR><BR>Thanks, <BR><BR>])ry
 
You must log in or register to reply here.
Back
Top