I was made aware recently of a "Validation of viewstate MAC failed" error on my website.
Specifics are:
Walkthrough:
We have tried:
Web.config (relevant parts based on other questions)
<system.web>
<compilation debug="true" targetFramework="4.5">
<assemblies>
<add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=..." />
<add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=..." />
<add assembly="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=..." />
<add assembly="System.Speech, Version=4.0.0.0, Culture=neutral, PublicKeyToken=..." />
<add assembly="Microsoft.Build.Framework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=..." />
<add assembly="System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=..." />
<add assembly="Microsoft.ReportViewer.WebForms, Version=12.0.0.0, Culture=neutral, PublicKeyToken=..." />
<add assembly="Microsoft.ReportViewer.Common, Version=12.0.0.0, Culture=neutral, PublicKeyToken=..." />
</assemblies>
<buildProviders>
<add extension=".rdlc" type="Microsoft.Reporting.RdlBuildProvider, Microsoft.ReportViewer.WebForms, Version=12.0.0.0, Culture=neutral, PublicKeyToken=..." />
</buildProviders>
</compilation>
<httpRuntime targetFramework="4.5" />
<pages>
<namespaces>
<add namespace="System.Web.Optimization" />
</namespaces>
<controls>
<add tagPrefix="webopt" namespace="Microsoft.AspNet.Web.Optimization.WebForms" assembly="Microsoft.AspNet.Web.Optimization.WebForms" />
<add tagPrefix="telerik" namespace="Telerik.Web.UI" assembly="Telerik.Web.UI" />
<add tagPrefix="asp" namespace="System.Web.UI.DataVisualization.Charting" assembly="System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=..." />
</controls>
</pages>
<authentication mode="Forms">
<!--<forms loginUrl="~/Login" timeout="2880" defaultUrl="~/" />-->
</authentication>
<profile defaultProvider="DefaultProfileProvider">
<providers>
<add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=..." connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</profile>
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=..." connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
<roleManager defaultProvider="DefaultRoleProvider">
<providers>
<add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=..." connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</roleManager>
<!--
comments
-->
<sessionState mode="InProc" customProvider="DefaultSessionProvider">
<providers>
<add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=..." connectionStringName="DefaultConnection" />
</providers>
</sessionState>
<httpHandlers>
<add path="Telerik.Web.UI.WebResource.axd" verb="*" type="Telerik.Web.UI.WebResource" validate="false" />
<add path="ChartImage.axd" verb="*" type="Telerik.Web.UI.ChartHttpHandler" validate="false" />
<add path="Telerik.Web.UI.SpellCheckHandler.axd" verb="*" type="Telerik.Web.UI.SpellCheckHandler" validate="false" />
<add path="Telerik.Web.UI.DialogHandler.aspx" verb="*" type="Telerik.Web.UI.DialogHandler" validate="false" />
<add path="Telerik.RadUploadProgressHandler.ashx" verb="*" type="Telerik.Web.UI.RadUploadProgressHandler" validate="false" />
<add path="ChartImg.axd" verb="GET,HEAD,POST" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=..." validate="false" />
<add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=12.0.0.0, Culture=neutral, PublicKeyToken=..." validate="false" />
</httpHandlers>
<httpModules />
<customErrors mode="Off"></customErrors>
<compilation debug="true"/>
</system.web>
Stacktrace
[ViewStateException: Invalid viewstate.
Client IP: Redacted
Port: Redacted
Referer: Redacted/Login
Path: Redacted/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
ViewState: A5c...]
[HttpException (0x80004005): Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
See http://go.microsoft.com/fwlink/?LinkID=314055 for more information.]
System.Web.UI.ViewStateException.ThrowError(Exception inner, String persistedState, String errorPageMessage, Boolean macValidationError) +124
System.Web.UI.ObjectStateFormatter.Deserialize(String inputString, Purpose purpose) +444
System.Web.UI.ObjectStateFormatter.System.Web.UI.IStateFormatter2.Deserialize(String serializedState, Purpose purpose) +14
System.Web.UI.Util.DeserializeWithAssert(IStateFormatter2 formatter, String serializedState, Purpose purpose) +41
System.Web.UI.HiddenFieldPageStatePersister.Load() +255
System.Web.UI.Page.LoadPageStateFromPersistenceMedium() +257
System.Web.UI.Page.LoadAllState() +36
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6796
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +250
System.Web.UI.Page.ProcessRequest() +76
System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +24
System.Web.UI.Page.ProcessRequest(HttpContext context) +62
ASP.account_login_aspx.ProcessRequest(HttpContext context) +4
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +195
System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +50
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +73
Page Code
<%@ Page Title="Log in" Language="C#" MasterPageFile="~/Site.Master" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="CCD.Account.Login" %>
<%@ Register Src="~/Account/OpenAuthProviders.ascx" TagPrefix="uc" TagName="OpenAuthProviders" %>
<%@ Page Language="C#" Debug="true" %>
<asp:Content runat="server" ID="BodyContent" ContentPlaceHolderID="MainContent">
<table class="auto-style1">
<tr>
<td class="auto-style12"></td>
<td class="auto-style11">
<asp:Label ID="Label7" runat="server" Font-Names="Rockwell,Consolas,Courier New,Courier,monospace;" Font-Size="22pt" ForeColor="#6e311a" style="padding: 0; margin: 0;" Text="Clearspan Login"></asp:Label>
<br />
<asp:Label ID="lblErrorLogin" runat="server" Font-Bold="True" ForeColor="#CC3300" Text="Invalid Username/Password." Visible="False"></asp:Label>
</td>
<td class="auto-style11"></td>
</tr>
<tr>
<td class="auto-style15"></td>
<td class="auto-style16">
<table class="NotAssigned">
<tr>
<td class="NotAssigned">
<br />
</td>
<td class="auto-style7" style="text-align: center; vertical-align: middle;;padding:0px;margin:0px; ">
<asp:Label ID="lblUsername" runat="server" Text="Username:" Height="30px"></asp:Label>
<asp:TextBox ID="txtUsername" runat="server" BackColor="White" BorderColor="#CCCCCC" BorderStyle="Inset" BorderWidth="1px" Width="160px" Height="30px"></asp:TextBox>
</td>
</tr>
<tr>
<td class="NotAssigned"></td>
<td class="auto-style7" style="text-align: center;padding:0px;margin:0px; ">
<asp:Label ID="lblPassword" runat="server" Text="Password:" Height="30px"></asp:Label>
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password" BackColor="White" BorderColor="#CCCCCC" BorderStyle="Inset" BorderWidth="1px" Width="160px" Height="30px"></asp:TextBox>
</td>
</tr>
</table>
</td>
<td class="auto-style16"></td>
</tr>
<tr>
<td class="auto-style13"> </td>
<td>
<table class="NotAssigned">
<tr>
<td class="auto-style14" style="text-align: center;padding:0px;margin:0px; "><asp:Button ID="btnLogIn" runat="server" Text="Log in" OnClick="btnLogIn_Click" Height="30px" Width="162px" />
</td>
</tr>
<tr>
<td>
<asp:TextBox ID="txtHold" runat="server" Height="16px" ReadOnly="True" TextMode="Password" Width="16px" Visible="False"></asp:TextBox>
</td>
</tr>
</table>
</td>
<td> </td>
</tr>
</table>
</asp:Content>
<asp:Content ID="Content1" runat="server" contentplaceholderid="HeadContent">
<style type="text/css">
.auto-style1 {
width: 100%;
height: 65px;
}
.auto-style7 {
width: 633px;
}
.auto-style11 {
height: 51px;
}
.auto-style12 {
height: 51px;
width: 58px;
}
.auto-style13 {
width: 58px;
}
.auto-style14 {
width: 712px;
}
.auto-style15 {
width: 58px;
height: 84px;
}
.auto-style16 {
height: 84px;
}
</style>
</asp:Content>
User contributions licensed under CC BY-SA 3.0