在多服务器环境中,当会话过期并且应用程序的另一个实例使用相同的会话 ID 和机器密钥但在不同的服务器上时,可能会发生此错误。起初,每台服务器都产生自己的机器密钥,该密钥随后与应用程序的单个实例相关联。当会话到期并且当前服务器很忙时,应用程序会被重定向,就像通过负载均衡器一样,重定向到更可操作的服务器。在我的情况下,我从多个服务器运行相同的应用程序,错误消息:
视图状态 MAC 验证失败。如果此应用程序由 Web Farm 或集群托管,请确保配置指定相同的 validationKey 和验证算法
在web.config下定义机器码就可以解决问题了。但不要使用可能已损坏的代码生成 3rd 方站点,请从您的命令 shell 运行:基于 microsoft 解决方案 1a,https://support.microsoft.com/en-us/kb/2915218#AppendixA
# Generates a <machineKey> element that can be copied + pasted into a Web.config file.
function Generate-MachineKey {
[CmdletBinding()]
param (
[ValidateSet("AES", "DES", "3DES")]
[string]$decryptionAlgorithm = 'AES',
[ValidateSet("MD5", "SHA1", "HMACSHA256", "HMACSHA384", "HMACSHA512")]
[string]$validationAlgorithm = 'HMACSHA256'
)
process {
function BinaryToHex {
[CmdLetBinding()]
param($bytes)
process {
$builder = new-object System.Text.StringBuilder
foreach ($b in $bytes) {
$builder = $builder.AppendFormat([System.Globalization.CultureInfo]::InvariantCulture, "{0:X2}", $b)
}
$builder
}
}
switch ($decryptionAlgorithm) {
"AES" { $decryptionObject = new-object System.Security.Cryptography.AesCryptoServiceProvider }
"DES" { $decryptionObject = new-object System.Security.Cryptography.DESCryptoServiceProvider }
"3DES" { $decryptionObject = new-object System.Security.Cryptography.TripleDESCryptoServiceProvider }
}
$decryptionObject.GenerateKey()
$decryptionKey = BinaryToHex($decryptionObject.Key)
$decryptionObject.Dispose()
switch ($validationAlgorithm) {
"MD5" { $validationObject = new-object System.Security.Cryptography.HMACMD5 }
"SHA1" { $validationObject = new-object System.Security.Cryptography.HMACSHA1 }
"HMACSHA256" { $validationObject = new-object System.Security.Cryptography.HMACSHA256 }
"HMACSHA385" { $validationObject = new-object System.Security.Cryptography.HMACSHA384 }
"HMACSHA512" { $validationObject = new-object System.Security.Cryptography.HMACSHA512 }
}
$validationKey = BinaryToHex($validationObject.Key)
$validationObject.Dispose()
[string]::Format([System.Globalization.CultureInfo]::InvariantCulture,
"<machineKey decryption=`"{0}`" decryptionKey=`"{1}`" validation=`"{2}`" validationKey=`"{3}`" />",
$decryptionAlgorithm.ToUpperInvariant(), $decryptionKey,
$validationAlgorithm.ToUpperInvariant(), $validationKey)
}
}
然后:
对于 ASP.NET 4.0
Generate-MachineKey
您的密钥将如下所示:<machineKey decryption="AES" decryptionKey="..." validation="HMACSHA256" validationKey="..." />
对于 ASP.NET 2.0 和 3.5
Generate-MachineKey -validation sha1
您的密钥将如下所示:<machineKey decryption="AES" decryptionKey="..." validation="SHA1" validationKey="..." />