Forms Authentication and Web Gardens

Man, having a working blogging engine is fun! I can post about experiences as they happen now rather than trying to remember what happened and how I fixed it.

Just a bit ago I decided to enable a web garden on my server; that way, in case a process crashes or hangs, there is another one available to step in and take over (an overly simplified view). When I deployed my latest build (which had some under-the-covers changes to how I handle the user roles and authentication), I noticed I had intermittent admin access. I kept going over the code again and again, thinking I had missed something. After a few minutes I decided to look at the event logs on Yggdrasil (the web server) and noticed repeated events in the application log.

Event code: 4005
Event message: Forms authentication failed for the request. Reason: The ticket supplied was invalid.
Event time: 2007-06-17 02:36:04
Event time (UTC): 2007-06-17 08:36:04
Event ID: 02b2f20d217b4a3a8bf4eee16380f538
Event sequence: 11
Event occurrence: 2
Event detail code: 50201

With that entry in there quite a few times, I figured I'd try a Google search on it (who doesn't?). And boom! The second hit was the one I was looking for. What was happening was that the different processes each had their own encryption and decryption key, and when my browser handed the ticket to the different processes (they go in a round-robin style) it didn't work, which explained my constant "you're logged in... just kidding!". To fix this, you create a static key for all the processes (and other machines if you have a full web farm going) to use, and then they can read each other's tickets.

For more in-depth information, visit Omar's blog where he tells more about the problem and even provides a nice small utility to generate a machine-key for you to use!
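
The failure and the fix described above, as an added example that is not code from the original post or from Omar's utility: a simplified model of a three-process web garden, plus a generator for the static `<machineKey>` element. The `Worker` class, the HMAC-only ticket and the three-worker round-robin are assumptions made for illustration, and `validation="HMACSHA256"` assumes ASP.NET 4.0 or later.

```python
import hashlib
import hmac
import secrets
from itertools import cycle


class Worker:
    """Constructed model of one worker process; an HMAC stands in for the real ticket format."""

    def __init__(self, key: bytes):
        self.key = key

    def issue(self, user: str) -> str:
        mac = hmac.new(self.key, user.encode(), hashlib.sha256).hexdigest()
        return f"{user}|{mac}"

    def validate(self, ticket: str) -> bool:
        user, _, mac = ticket.rpartition("|")
        good = hmac.new(self.key, user.encode(), hashlib.sha256).hexdigest()
        return hmac.compare_digest(mac, good)


def simulate(workers, requests=6):
    """Log in on the first worker, then send follow-up requests round-robin."""
    ticket = workers[0].issue("admin")
    rr = cycle(workers)
    return [next(rr).validate(ticket) for _ in range(requests)]


def machine_key_element() -> str:
    """Render a <machineKey> element with freshly generated static keys."""
    validation_key = secrets.token_hex(64).upper()  # 64 bytes -> 128 hex chars
    decryption_key = secrets.token_hex(32).upper()  # 32 bytes -> AES-256 key
    return (f'<machineKey validationKey="{validation_key}" '
            f'decryptionKey="{decryption_key}" '
            'validation="HMACSHA256" decryption="AES" />')


if __name__ == "__main__":
    # Auto-generated keys: each process has its own, so only the issuer accepts.
    garden = [Worker(secrets.token_bytes(64)) for _ in range(3)]
    print("per-process keys:", simulate(garden))
    # Static key: every process is configured with the same value.
    shared = secrets.token_bytes(64)
    garden = [Worker(shared) for _ in range(3)]
    print("shared key:      ", simulate(garden))
    print(machine_key_element())
```

The generated element goes inside `<system.web>` in web.config, identical on every process and machine that must read the same tickets. Anyone who obtains these keys can forge tickets, so protect the file like any other credential.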