Search This Blog

Monday, December 5, 2011

2008 IIS encrypt cookie

2008 IIS encrypt cookie
http://technet.microsoft.com/en-us/library/cc755177(WS.10).aspx


Machine keys help protect Forms authentication cookie data and page-level view state data. They also verify out-of-process session state identification. ASP.NET uses the following types of machine keys:
  • A validation key computes a Message Authentication Code (MAC) to confirm the integrity of the data. This key is appended to either the Forms authentication cookie or the view state for a specific page.
  • A decryption key is used to encrypt and decrypt Forms authentication

No comments:

Post a Comment