tags:

views:

1461

answers:

6
+1  Q: 

ASP.NET Viewstate validation - ASP.NET 1.1 vs. ASP.NET 3.5

Hi all,

we're in the process of migrating our web app from ASP.NET 1.1 to ASP.NET 3.5. Our app runs on multiple servers through DNS round robin, so every browser request may end up on a different server. We do have a in our web.config to prevent validation errors.

However, our plan was to migrate one server at a time. Now it looks like when a user loads the page on a 1.1. server and then the page ends up on a 3.5 server on postback, the viewstate validation fails.

I haven't been able to find anything on the web regarding this issue - it's just my guess that the viewstate validation is incompatible between 1.1. and 3.5, i.e. a viewstate generated by 1.1 will not validate on 3.5 even with the same machineKey and vice versa.

Can anyone confirm this suspicion?

Thanks

+1  A: 

Use sticky sessions as mentioned in this similar post. This will keep users on the same machine for a period of time.

I don't think it wise to allow a single user to hit three different versions of the framework in a single session.

Michael Haren  2008-12-17 17:33:02
A: 

We don't really have a load balancer, otherwise this would be an obvious solution, yes.

Marcel Marchon  2008-12-17 17:36:29
A: 

Are you running IIS7 for the 3.5 host? I ran into a lot of issues with ViewState running a 1.1 app on IIS7. Getting a 1.1 app running properly on IIS7 is diffucult enough, let alone trying to web-garden across multiple framework versions. The biggest thing I ran into is that ViewState is encrypted or managed differently than previos version of IIS. If you try to setup a weg-garden on a 1.1 you get all kinds of ViewState encryption errors. You cannot setup a web garden (have multiple worker threads) on a 1.1 app on IIS7. At least from my experience.

Micah  2008-12-17 17:40:26
A: 

I believe 1.1 and 2.0 use different default encryption algorithms for the viewstate. The default for 1.1 was 3DES and I believe for 2.0 it was SHA1 (Although I can't seem to find the documentation to back this up at the moment). Try setting the validation in your machine key to 3DES on the new server and see if that solves the problem.

<machineKey validation="3DES">
Chris Pebble  2008-12-17 17:40:42
A: 

No, still running IIS6 for 3.5 as well.

We do have the encryption algorithm specified in the machine key.

Marcel Marchon  2008-12-17 17:53:55
A: 

One more thing: 3.5 runs on a 64bit OS while the 1.1 servers all run 32bit Windows. Would that matter?

Marcel Marchon  2008-12-17 17:54:52

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps