How do i access Autogenerated validation and decryption keys in asp.net?_问答_开发者

How do i access Autogenerated validation and decryption keys in asp.net?

开发者 https://www.devze.com 2022-12-12 00:55 出处：网络

If I have the DecryptionKeyand ValidationKey set to AutoGenerate in 开发者_开发知识库the machineKey section of the machine.config, how do i look up from .NET the actual generated keys which have been

If I have the DecryptionKey and ValidationKey set to AutoGenerate in 开发者_开发知识库the machineKey section of the machine.config, how do i look up from .NET the actual generated keys which have been created?

We wish to use the same keys to encrypt and validate our own cookies.

Any clues/tips gratefully received.

I know this doesn't answer your question but to encrypt and validate your own cookies you don't need to know the actual values of the DecryptionKey and the ValidationKey. Just use Encrypt and Decrypt methods:

var ticket = new FormsAuthenticationTicket(
    1, 
    "username", 
    DateTime.Now, 
    DateTime.Now.AddMinutes(10), 
    false, 
    "some user data");
string encryptedTicked = FormsAuthentication.Encrypt(ticket);
// TODO: use the encrypted ticket in a cookie

Using AutoGenerate will just cause you grief as you, or rather your users, will too often encounter exceptions. Between the time when the data was encrypted and when it's decrypted the keys can and will change (application restart via app pool recycle, Web.config touched, etc.).