Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DNN3.2.2 Crypto/Viewstate Issues - Users Logged OutDNN3.2.2 Crypto/Viewstate Issues - Users Logged Out
Previous
 
Next
New Post
7/27/2006 5:43 PM
 
Ryno


Joined: 4/20/2004
Posts: 329

I am having an issue with DNN3.2.2 and I believe others are having it too.

It logs users out frequently.  With my admin account, for example, if I go to the Log Viewer and select (250) records it's logs me out and directs me to the login page.  If I log in again and repeat, it does the same thing.

Sometimes it throws a server error dealing with viewstate.

I've heard it's cookie related.  I've heard it has to do with the fact that I have another DNN3.2.2 website open and logged in simulataneously.  However, even if I just keep the one DNN site open and do not go to the other...I still have these issues.  Something is horribly wrong and is becoming a major nuissance on my site and almost making it unusable.

I'll post the various errors that come up:

One is:

System.Exception: Unhandled Error: ---> System.Security.Cryptography.CryptographicException: Bad Data. at System.Security.Cryptography.CryptoAPITransform._DecryptData(IntPtr hKey, Byte[] rgb, Int32 ib, Int32 cb, Boolean fDone) at System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) at System.Security.Cryptography.CryptoStream.FlushFinalBlock() at System.Web.Configuration.MachineKey.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length) at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket) at DotNetNuke.HttpModules.DNNMembershipModule.OnAuthenticateRequest(Object s, EventArgs e) at System.Web.SyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) --- End of inner exception stack trace ---

Another is:

InnerException: Invalid_Viewstate Client IP: 130.218.98.144 Port: 4963 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 1.0.3705) ViewState: aNQcbPMVWECZa6gPZX9/h1puuS3WpM8wTu63cq/hepGt7wDkokosX2gzGAwgVR8EzKsQUt....on and on and on

Both of these errors appear to kill my application process on the server.

I've tried taking out the "IsolateApps" portion of the MachineKey line in the web.config but it doesn't help.  I've tried changing the forms authentication from ".dotnetnuke" to something else.  No good.

Does anyone know what I need to do to get rid of these errors?  I will change the core code if need be but this error is really ruining my website.  Thanks for any help.

I'm too poor for anything other than the community version
 
New Post
7/27/2006 9:38 PM
 
John Mitchell


www.snapsis.com
Joined: 4/18/2003
Posts: 3987

 

That cryptographic error is from the Auth ticket which gets encrypted and saved to the cookie for that domain when you login.

What is happening is that if you open another browser window and login to the same domain with a different user it will write your auth ticket to the same cookie.

Then when you switch back and the auth ticket is sent back to the server, it can't decrypt it and gets an error.

If you want to try and fix it, you need to look at how the cookie is saved, and try to make it different for each portal or user, but it's not going to be easy.

DotNetNuke Modules from Snapsis.com
 
New Post
7/27/2006 10:08 PM
 
Ryno


Joined: 4/20/2004
Posts: 329

What I do is log into Site A with a username.  Then if I click on a link to Site B it logs me into Site B with the same username (but UserID is different).  Same browser.  Then if I click a link back to Site A the browser is redirected to Site A and uses existing cookie info (I'm guessing) to know it's the same user.

But even if I take Site B out of the equation I'm having these problems.  If I delete all cookies from my browser, and log into Site A....and never go to Site B....I will get randomly logged out of Site A.  I believe I have two separate but related problems.  One is the random logging of users out which MANY people are experiencing with various versions of DNN post 3.1 and the other user is the mixing up of cookies between the two sites.  I think this is what's going on at any rate.  I just wish the cookies were created totally separately for any DNN site.  Doesn't that just make sense that it would be that way?  Then there would be no issues.  I'm not sure why the cookies can't be renamed differently so there are no issues with Site A and Site B being open and logged into at the same time from two browser windows.  I'd be interested to see if I log into this dotnetnuke.com site and my site at the same time if I get those errors.  Anyway.

I'm going to try to concentrate on this random logging of users out first and then try to get this cookie mix up thing figured out.

I'm too poor for anything other than the community version
 
New Post
7/28/2006 1:05 AM
 
John Mitchell


www.snapsis.com
Joined: 4/18/2003
Posts: 3987

You are correct, they are two seperate issues.  Seperating the sites is a lot more complicated then you may think because they are actually running under a single IIS website application.  It's only DNN that makes them seem like different sites.  However, if SiteA and SiteB are different domains then the cookie will be seperate, what are the actual Urls you are talking about for SiteA & SiteB?  Are they in different domains?

Here is something you can try for the random logging out issue.  Sometimes a host will set your site up in a web farm, and you may be getting a different server that doesn't actually know about your authentication yet.  Often they will use something called Session or Server Affinity to make sure that once you start a session on a specfic server that all your requests come back to that same server.

DotNetNuke does not use sessions, so if you are in environment that needs them then you can try putting this next line of code directly in your default.aspx page.

<% Session("Affinity") = "DotNetNuke" %>

Just paste it in right at the bottom. 

DotNetNuke Modules from Snapsis.com
 
New Post
7/28/2006 8:38 AM
 
Ryno


Joined: 4/20/2004
Posts: 329

I'll try that session variable and see what happens.  That would be interesting to know if my host is farming my site...

Site A and Site B are on two different servers with two different domains.  Site A = MySite.Com and Site B = MySite.Org

I'll try out that session variable and see what happens.

I'm too poor for anything other than the community version
 
 Page 1 of 5
123...5Next 
Previous
 
Next
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DNN3.2.2 Crypto/Viewstate Issues - Users Logged OutDNN3.2.2 Crypto/Viewstate Issues - Users Logged Out


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out