Export (0) Print
Expand All
0 out of 5 rated this helpful - Rate this topic

MachineKeySection Class

Defines the configuration settings that control the key generation and algorithms that are used in encryption, decryption, and media access control (MAC) operations in Windows Forms authentication, view-state validation, and session-state application isolation. This class cannot be inherited.

Namespace: System.Web.Configuration
Assembly: System.Web (in system.web.dll)
public sealed class MachineKeySection : ConfigurationSection
public final class MachineKeySection extends ConfigurationSection
public final class MachineKeySection extends ConfigurationSection
Not applicable.

The MachineKeySection class provides a way to programmatically access and modify the content of the <MachineKey> section in the configuration file. The <MachineKey> section can be configured at the machine (Machine.config) or application (Web.config) level and controls the keys and algorithms that are used for Windows Forms authentication, view-state validation, and session-state application isolation. For any of these features to work across a network of Web servers (a Web farm), the <MachineKey> attributes must be configured explicitly and identically with a valid key value. The "AutoGenerate" value does not work for Web farms, because it relies on a cryptographically random secret, which is persisted using machine-local protection and will not be coherent across more than one computer.

Notes to Implementers: If it is required to specify keys in this configuration section, as is often required in Web-farm scenarios, it is recommended that you encrypt this section by using protected configuration.

The example in this section demonstrates how to specify values declaratively for several attributes of the machineKey Element (ASP.NET Settings Schema) section, which can also be accessed as members of the MachineKeySection class.

The following example from a configuration file shows how to specify values declaratively for the machineKey Element (ASP.NET Settings Schema) section.

<system.web>
  <machineKey validationKey="AutoGenerate,IsolateApps" 
    decryptionKey="AutoGenerate,IsolateApps" 
    validation="SHA1"/>
</system.web>

The following example demonstrates how to use the MachineKeySection class.

#region Using directives

using System;
using System.Collections.Generic;
using System.Text;
using System.Configuration;
using System.Web;
using System.Web.Configuration;

#endregion

namespace Samples.Aspnet.SystemWebConfiguration
{
  class UsingMachineKeySection
  {
    static void Main(string[] args)
    {
      try
      {
        // Set the path of the config file.
        string configPath = "";

        // Get the Web application configuration object.
        Configuration config = WebConfigurationManager.OpenWebConfiguration(configPath);

        // Get the section related object.
        MachineKeySection configSection = 
          (MachineKeySection)config.GetSection("system.web/machineKey");

        // Display title and info.
        Console.WriteLine("ASP.NET Configuration Info");
        Console.WriteLine();

        // Display Config details.
        Console.WriteLine("File Path: {0}",
          config.FilePath);
        Console.WriteLine("Section Path: {0}",
          configSection.SectionInformation.Name);

        // Display ValidationKey property.
        Console.WriteLine("ValidationKey: {0}",
          configSection.ValidationKey);

        // Set ValidationKey property.
        configSection.ValidationKey = "AutoGenerate,IsolateApps";

        // Display DecryptionKey property.
        Console.WriteLine("DecryptionKey: {0}",
          configSection.DecryptionKey);

        // Set DecryptionKey property.
        configSection.DecryptionKey = "AutoGenerate,IsolateApps";

        // Display Validation property.
        Console.WriteLine("Validation: {0}",
          configSection.Validation);

        // Set Validation property.
        configSection.Validation = MachineKeyValidation.SHA1;

        // Update if not locked.
        if (!configSection.SectionInformation.IsLocked)
        {
          config.Save();
          Console.WriteLine("** Configuration updated.");
        }
        else
        {
          Console.WriteLine("** Could not update, section is locked.");
        }
      }

      catch (Exception e)
      {
        // Unknown error.
        Console.WriteLine(e.ToString());
      }

      // Display and wait
      Console.ReadLine();
    }
  }
}

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows Server 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.