Are there any possible issues with using the default Forms Authentication (see below) on Load Balanced servers? If there can be, what can I do to prevent the issues.
<authentication mode="Forms">
<forms loginUrl="~/Login/" protection="All" timeout="30" />
</authentication>
Can I use cookies (used by default)? Do I have to go cookieless? etc…
Also, does Microsoft (or VMWare) have a VirtualPC download that is an instant Load Balanced testing environment?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
There is one issue. The cookies are encrypted and validated using the machine key and the validation key (that’s what protection=”All” means). You will have to set those in your top-level web.config in all the servers, otherwise each of them will have a different one and will reject cookies set by the others.
You can find a machineKey generator here. Then put the generated xml inside in the web.config of all the servers and you’re ready to rock.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0