Diagnosing Asp.Net Forms Authentication ticket failure on IIS 7 web farm

Have you gotten this error on a web farm sharing forms authentication recently?

Forms authentication failed for the request. Reason: The ticket supplied was invalid

Normally this is a no-brainer, just make sure you have the same machine key settings across servers, but recently I ran into this while setting up a new server and was honestly befuddled for an hour trying to figure out what I had missed.  After scouring the back alley’s of google-bing, I finally hit on the right keyword mojo and found this nugget on stackoverflow.com.  You remember that security vulnerability found last fall, yeah forgot about that one too, well I guess one of the side effects of the patch was that un-patched  servers don’t play nice with each other.   Here is a quote from the Gu himself that explains it clearly:

Because the patch modifies the encryption/signing behavior of certain features in ASP.NET, it is important that you apply it to all machines in a web-farm.  If you have a mix-match of patched/un-patched systems you’ll have forms-authentication, webresource.axd, and scriptresource.axd requests succeed/fail depending on which server they hit in the farm (since the encryption used would be different across them).

So what are you waiting for, go patch that server!

kick it on DotNetKicks.com
Bookmark and Share
blog comments powered by Disqus
  • Menu

  • Tags