MachineKeySection Class

Defines the configuration settings that control the key generation and algorithms that are used in encryption, decryption, and media access control (MAC) operations in Windows Forms authentication, view-state validation, and session-state application isolation. This class cannot be inherited.

Namespace: System.Web.Configuration
Assembly: System.Web (in system.web.dll)

Public NotInheritable Class MachineKeySection
	Inherits ConfigurationSection
Dim instance As MachineKeySection

public final class MachineKeySection extends ConfigurationSection
public final class MachineKeySection extends ConfigurationSection
Not applicable.

The MachineKeySection class provides a way to programmatically access and modify the content of the <MachineKey> section in the configuration file. The <MachineKey> section can be configured at the machine (Machine.config) or application (Web.config) level and controls the keys and algorithms that are used for Windows Forms authentication, view-state validation, and session-state application isolation. For any of these features to work across a network of Web servers (a Web farm), the <MachineKey> attributes must be configured explicitly and identically with a valid key value. The "AutoGenerate" value does not work for Web farms, because it relies on a cryptographically random secret, which is persisted using machine-local protection and will not be coherent across more than one computer.

Notes to Implementers: If it is required to specify keys in this configuration section, as is often required in Web-farm scenarios, it is recommended that you encrypt this section by using protected configuration.

The example in this section demonstrates how to specify values declaratively for several attributes of the machineKey Element (ASP.NET Settings Schema) section, which can also be accessed as members of the MachineKeySection class.

The following example from a configuration file shows how to specify values declaratively for the machineKey Element (ASP.NET Settings Schema) section.

  <machineKey validationKey="AutoGenerate,IsolateApps" 

The following example demonstrates how to use the MachineKeySection class.

Imports System
Imports System.Collections.Generic
Imports System.Text
Imports System.Configuration
Imports System.Web
Imports System.Web.Configuration

Namespace Samples.Aspnet.SystemWebConfiguration
  Class UsingMachineKeySection
    Public Shared Sub Main()
        ' Set the path of the config file.
        Dim configPath As String = ""

        ' Get the Web application configuration object.
        Dim config As System.Configuration.Configuration = _

        ' Get the section related object.
        Dim configSection As System.Web.Configuration.MachineKeySection = _
         CType(config.GetSection("system.web/machineKey"), _

        ' Display title and info.
        Console.WriteLine("ASP.NET Configuration Info")

        ' Display Config details.
        Console.WriteLine("File Path: {0}", config.FilePath)
        Console.WriteLine("Section Path: {0}", configSection.SectionInformation.Name)

        ' Display ValidationKey property.
        Console.WriteLine("ValidationKey: {0}", _

        ' Set ValidationKey property.
        configSection.ValidationKey = "AutoGenerate,IsolateApps"

        ' Display DecryptionKey property.
        Console.WriteLine("DecryptionKey: {0}", configSection.DecryptionKey)

        ' Set DecryptionKey property.
        configSection.DecryptionKey = "AutoGenerate,IsolateApps"

        ' Display Validation value.
        Console.WriteLine("Validation: {0}", configSection.Validation)

        ' Set Validation value.
        configSection.Validation = MachineKeyValidation.SHA1

        ' Update if not locked.
        If Not configSection.SectionInformation.IsLocked Then
          Console.WriteLine("** Configuration updated.")
          Console.WriteLine("** Could not update, section is locked.")
        End If

      Catch e As Exception
        ' Unknown error.
      End Try

      ' Display and wait
    End Sub
  End Class
End Namespace

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows Server 2000 SP4, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0