MachineKeySection.ValidationKey Property

Definition

Gets or sets the key that is used to validate forms authentication and view state data, or the process by which the key is generated.

public:
 property System::String ^ ValidationKey { System::String ^ get(); void set(System::String ^ value); };
[System.ComponentModel.TypeConverter(typeof(System.Configuration.WhiteSpaceTrimStringConverter))]
[System.Configuration.ConfigurationProperty("validationKey", DefaultValue="AutoGenerate,IsolateApps")]
[System.Configuration.StringValidator(MinLength=1)]
public string ValidationKey { get; set; }
[<System.ComponentModel.TypeConverter(typeof(System.Configuration.WhiteSpaceTrimStringConverter))>]
[<System.Configuration.ConfigurationProperty("validationKey", DefaultValue="AutoGenerate,IsolateApps")>]
[<System.Configuration.StringValidator(MinLength=1)>]
member this.ValidationKey : string with get, set
Public Property ValidationKey As String

Property Value

A key value, or a value that indicates how the key is generated. The default is "AutoGenerate,IsolateApps".

Attributes

Examples

The following example shows how to set the ValidationKey property by using code. This example is part of a larger example provided for the MachineKeySection class.

// Display ValidationKey property.
Console.WriteLine("ValidationKey: {0}",
  configSection.ValidationKey);
' Display ValidationKey property.
Console.WriteLine("ValidationKey: {0}", _
 configSection.ValidationKey)

Remarks

The ValidationKey property is used when enableViewStateMAC is true to create a message authentication code (MAC) to enable ASP.NET to determine whether view state has been tampered with. The ValidationKey property is also used to generate out-of-process, application-specific session IDs to ensure that session state variables are isolated between applications.

Use the "AutoGenerate" option to specify that ASP.NET generates a random key and stores it in the Local Security Authority. The "AutoGenerate" option is part of the default value.

If you add the "IsolateApps" modifier to the "AutoGenerate" ValidationKey value, ASP.NET generates a unique encrypted key for each application by using each application's AppDomainAppVirtualPath. This is the default setting.

If you add the "IsolateByAppId" modifier to the "AutoGenerate" ValidationKey value, ASP.NET generates a unique encrypted key for each application by using each application's AppDomainAppId. If two distinct applications share a virtual path (perhaps because those applications are running on different ports), this flag can be used to further distinguish them from one another. The "IsolateByAppId" flag is understood only by ASP.NET 4.5, but it can be used regardless of the MachineKeySection.CompatibilityMode setting.

If you need to support configuration across a network of Web servers (a Web farm), set the ValidationKey property manually to ensure consistent configuration. For information about how to manually generate values for the DecryptionKey attribute, see How To: Configure MachineKey in ASP.NET 2.0.

This property is typically set declaratively in the validationKey attribute of the machineKey element of the Web.config file.

Applies to