如果您对 Azure 网站使用自动缩放,您是否需要设置机器密钥以便可以在机器之间共享加密的身份验证令牌?
这里有一个问题似乎与 我要问的问题相同。但是,该问题涉及 Azure Web 角色。我在询问 Azure 网站。
如果您对 Azure 网站使用自动缩放,您是否需要设置机器密钥以便可以在机器之间共享加密的身份验证令牌?
这里有一个问题似乎与 我要问的问题相同。但是,该问题涉及 Azure Web 角色。我在询问 Azure 网站。
No you don't need to. Azure Website will set the same machine key for all your instances when they are running on 2 (or 10) different VMs.
If you want a quick and dirty way to verify this, have the following bit of code in your Application_Start()
basically this writes the machine key into a file called %WEBSITE_INSTANCE_ID%
this is a unique environment variable per instance. Scale to 2 machines, turn on Always On
setting and within a minute 2 files should be written in your D:\home\site\wwwroot
folder that have a long guid for names (the instance id for the 2 machines) and they will contain the same key.
protected void Application_Start()
{
var section = (MachineKeySection)
ConfigurationManager.GetSection("system.web/machineKey");
BindingFlags flags =
BindingFlags.Instance |
BindingFlags.NonPublic |
BindingFlags.GetProperty;
Func<string, byte[]> propertyReader = name => (byte[])section
.GetType()
.GetProperty(name, flags)
.GetValue(section, null);
using (
var writer =
new StreamWriter(Environment.ExpandEnvironmentVariables(@"%HOME%\site\wwwroot\%WEBSITE_INSTANCE_ID%.log")))
{
var key = ConvertToHex(
propertyReader("DecryptionKeyInternal"));
writer.WriteLine("DecryptKey: {0}", key);
var iv = ConvertToHex(
propertyReader("ValidationKeyInternal"));
writer.WriteLine("ValidationKey: {0}", iv);
}
}
private string ConvertToHex(byte[] binary)
{
return binary.Aggregate(
new StringBuilder(),
(acc, c) => acc.AppendFormat("{0:x2}", c),
acc => acc.ToString());
}