MachineKeySection Class
Assembly: System.Web (in system.web.dll)
The MachineKeySection class provides a way to programmatically access and modify the content of the <MachineKey> section in the configuration file. The <MachineKey> section can be configured at the machine (Machine.config) or application (Web.config) level and controls the keys and algorithms that are used for Windows Forms authentication, view-state validation, and session-state application isolation. For any of these features to work across a network of Web servers (a Web farm), the <MachineKey> attributes must be configured explicitly and identically with a valid key value. The "AutoGenerate" value does not work for Web farms, because it relies on a cryptographically random secret, which is persisted using machine-local protection and will not be coherent across more than one computer.
Notes to Implementers: If it is required to specify keys in this configuration section, as is often required in Web-farm scenarios, it is recommended that you encrypt this section by using protected configuration.The example in this section demonstrates how to specify values declaratively for several attributes of the machineKey Element (ASP.NET Settings Schema) section, which can also be accessed as members of the MachineKeySection class.
The following example from a configuration file shows how to specify values declaratively for the machineKey Element (ASP.NET Settings Schema) section.
<system.web> <machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps" validation="SHA1"/> </system.web>
The following example demonstrates how to use the MachineKeySection class.
Imports System Imports System.Collections.Generic Imports System.Text Imports System.Configuration Imports System.Web Imports System.Web.Configuration Namespace Samples.Aspnet.SystemWebConfiguration Class UsingMachineKeySection Public Shared Sub Main() Try ' Set the path of the config file. Dim configPath As String = "" ' Get the Web application configuration object. Dim config As System.Configuration.Configuration = _ System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration(configPath) ' Get the section related object. Dim configSection As System.Web.Configuration.MachineKeySection = _ CType(config.GetSection("system.web/machineKey"), _ System.Web.Configuration.MachineKeySection) ' Display title and info. Console.WriteLine("ASP.NET Configuration Info") Console.WriteLine() ' Display Config details. Console.WriteLine("File Path: {0}", config.FilePath) Console.WriteLine("Section Path: {0}", configSection.SectionInformation.Name) ' Display ValidationKey property. Console.WriteLine("ValidationKey: {0}", _ configSection.ValidationKey) ' Set ValidationKey property. configSection.ValidationKey = "AutoGenerate,IsolateApps" ' Display DecryptionKey property. Console.WriteLine("DecryptionKey: {0}", configSection.DecryptionKey) ' Set DecryptionKey property. configSection.DecryptionKey = "AutoGenerate,IsolateApps" ' Display Validation value. Console.WriteLine("Validation: {0}", configSection.Validation) ' Set Validation value. configSection.Validation = MachineKeyValidation.SHA1 ' Update if not locked. If Not configSection.SectionInformation.IsLocked Then config.Save() Console.WriteLine("** Configuration updated.") Else Console.WriteLine("** Could not update, section is locked.") End If Catch e As Exception ' Unknown error. Console.WriteLine(e.ToString()) End Try ' Display and wait Console.ReadLine() End Sub End Class End Namespace
System.Configuration.ConfigurationElement
System.Configuration.ConfigurationSection
System.Web.Configuration.MachineKeySection