javascript - Smart Card relogin failed with message "validation of viewstate MAC failed" After executed "ClearAuthenticationCache" -
in asp.net web application, use smart card login. after logged out, want make iis prompt pin if login again. following command run -
document.execcommand('clearauthenticationcache');
it prompt selection of certificate. after pick correct certificate, "validation of viewstate mac failed" error thrown.
machine key has been set in web.config. test in single server.
can fixed?
is there way force relogin without executing above command?
the error log -
<error application="/lm/w3svc/2/root" host="mmm809-pb8gmtc" type="system.web.ui.viewstateexception" message="invalid viewstate. 
	client ip: 127.0.0.1
	port: 64307
	referer: https://localhost:48044/account/login.aspx?returnurl=%2f
	path: /account/login.aspx
	user-agent: mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko
	viewstate: /12345678905ntiymjmwnq9kfgjmd2qwbaibd2qwagikd2qwagibd2qwamypdxyehgruzxh0bsfszwxlyxnlidewljgumtogtg9jywwgrgv2zwxvcg1lbnqeb1zpc2libgvnzgqcaw9kfgqcbq88kwanaqapfgiec18hrgf0yujvdw5kz2rkaggpzbygzg8pfgifaavprw50zxigew91cib1c2vybmftzswgcgfzc3dvcmqsig9yigluc2vydcb5b3vyifbjvibdyxjkigfuzcbjagvjayb0agugym94igjlbg93lmrkagmpdxychwfnzgqcba8pfgifawdkfgqcaq8pfgifaavyugxlyxnligluc2vydcb5b3vyifbjvibdyxjkigludg8gew91cib3b3jrc3rhdglvbidzignhcmqgcmvhzgvylcbhbmqgy2xpy2sgdghlicdmb2dpbibxaxroifbjvibdyxjkjybidxr0b24gymvsb3cuzgqcaw8pfgqfagufawhkzbgbbr5fx0nvbnryb2xzumvxdwlyzvbvc3rcywnrs2v5x18wawuey3rsmdaktwfpbknvbnrlbnqkq2hly2tcb3hqt0fnbrnjdgwwmcrjq2fuy2vsjgn0bdaxbrnjdgwwmcrjq2fuy2vsjgn0bdazls/fm9a6vvp18rwsd2ic7rg/xts=" detail="system.web.httpexception (0x80004005): validation of viewstate mac failed. if application hosted web farm or cluster, ensure <machinekey> configuration specifies same validationkey , validation algorithm. autogenerate cannot used in cluster.

see http://go.microsoft.com/fwlink/?linkid=314055 more information. ---> system.web.ui.viewstateexception: invalid viewstate. 
	client ip: 127.0.0.1
	port: 64307
	referer: https://localhost:48044/account/login.aspx?returnurl=%2f
	path: /account/login.aspx
	user-agent: mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko
	viewstate: /12345678905ntiymjmwnq9kfgjmd2qwbaibd2qwagikd2qwagibd2qwamypdxyehgruzxh0bsfszwxlyxnlidewljgumtogtg9jywwgrgv2zwxvcg1lbnqeb1zpc2libgvnzgqcaw9kfgqcbq88kwanaqapfgiec18hrgf0yujvdw5kz2rkaggpzbygzg8pfgifaavprw50zxigew91cib1c2vybmftzswgcgfzc3dvcmqsig9yigluc2vydcb5b3vyifbjvibdyxjkigfuzcbjagvjayb0agugym94igjlbg93lmrkagmpdxychwfnzgqcba8pfgifawdkfgqcaq8pfgifaavyugxlyxnligluc2vydcb5b3vyifbjvibdyxjkigludg8gew91cib3b3jrc3rhdglvbidzignhcmqgcmvhzgvylcbhbmqgy2xpy2sgdghlicdmb2dpbibxaxroifbjvibdyxjkjybidxr0b24gymvsb3cuzgqcaw8pfgqfagufawhkzbgbbr5fx0nvbnryb2xzumvxdwlyzvbvc3rcywnrs2v5x18wawuey3rsmdaktwfpbknvbnrlbnqkq2hly2tcb3hqt0fnbrnjdgwwmcrjq2fuy2vsjgn0bdaxbrnjdgwwmcrjq2fuy2vsjgn0bdazls/fm9a6vvp18rwsd2ic7rg/xts=
 @ system.web.ui.viewstateexception.throwerror(exception inner, string persistedstate, string errorpagemessage, boolean macvalidationerror)
 @ system.web.ui.objectstateformatter.deserialize(string inputstring, purpose purpose)
 @ system.web.ui.util.deserializewithassert(istateformatter2 formatter, string serializedstate, purpose purpose)
 @ system.web.ui.hiddenfieldpagestatepersister.load()
 @ system.web.ui.page.loadpagestatefrompersistencemedium()
 @ system.web.ui.page.loadallstate()
 @ system.web.ui.page.processrequestmain(boolean includestagesbeforeasyncpoint, boolean includestagesafterasyncpoint)
 @ system.web.ui.page.processrequest(boolean includestagesbeforeasyncpoint, boolean includestagesafterasyncpoint)
 @ system.web.ui.page.processrequest()
 @ system.web.ui.page.processrequest(httpcontext context)
 @ asp.account_login_aspx.processrequest(httpcontext context) in c:\windows\microsoft.net\framework64\v4.0.30319\temporary asp.net files\root\277b2a97\3a0c0b22\app_web_tivyflc5.0.cs:line 0
 @ system.web.httpapplication.callhandlerexecutionstep.system.web.httpapplication.iexecutionstep.execute()
 @ system.web.httpapplication.executestep(iexecutionstep step, boolean& completedsynchronously)" time="2017-08-14t21:15:21.9999720z" statuscode="500" webhosthtmlmessage="<!doctype html>
<html>
 <head>
 <title>validation of viewstate mac failed. if application hosted web farm or cluster, ensure &lt;machinekey&gt; configuration specifies same validationkey , validation algorithm. autogenerate cannot used in cluster.<br><br>see http://go.microsoft.com/fwlink/?linkid=314055 more information.</title>
 <meta name="viewport" content="width=device-width" />
 <style>
 body {font-family:"verdana";font-weight:normal;font-size: .7em;color:black;} 
 p {font-family:"verdana";font-weight:normal;color:black;margin-top: -5px}
 b {font-family:"verdana";font-weight:bold;color:black;margin-top: -5px}
 h1 { font-family:"verdana";font-weight:normal;font-size:18pt;color:red }
 h2 { font-family:"verdana";font-weight:normal;font-size:14pt;color:maroon }
 pre {font-family:"consolas","lucida console",monospace;font-size:11pt;margin:0;padding:0.5em;line-height:14pt}
 .marker {font-weight: bold; color: black;text-decoration: none;}
 .version {color: gray;}
 .error {margin-bottom: 10px;}
 .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
 @media screen , (max-width: 639px) {
 pre { width: 440px; overflow: auto; white-space: pre-wrap; word-wrap: break-word; }
 }
 @media screen , (max-width: 479px) {
 pre { width: 280px; }
 }
 </style>
 </head>

 <body bgcolor="white">

 <span><h1>server error in '/' application.<hr width=100% size=1 color=silver></h1>

 <h2> <i>validation of viewstate mac failed. if application hosted web farm or cluster, ensure &lt;machinekey&gt; configuration specifies same validationkey , validation algorithm. autogenerate cannot used in cluster.<br><br>see http://go.microsoft.com/fwlink/?linkid=314055 more information.</i> </h2></span>

 <font face="arial, helvetica, geneva, sunsans-regular, sans-serif ">

 <b> description: </b>an unhandled exception occurred during execution of current web request. please review stack trace more information error , originated in code.

 <br><br>

 <b> exception details: </b>system.web.httpexception: validation of viewstate mac failed. if application hosted web farm or cluster, ensure &lt;machinekey&gt; configuration specifies same validationkey , validation algorithm. autogenerate cannot used in cluster.<br><br>see http://go.microsoft.com/fwlink/?linkid=314055 more information.<br><br>

 <b>source error:</b> <br><br>

 <table width=100% bgcolor="#ffffcc">
 <tr>
 <td>
 <code><pre>

[no relevant source lines]</pre></code>

 </td>
 </tr>
 </table>

 <br>

 <b> source file: </b> c:\windows\microsoft.net\framework64\v4.0.30319\temporary asp.net files\root\277b2a97\3a0c0b22\app_web_tivyflc5.0.cs<b> &nbsp;&nbsp; line: </b> 0
 <br><br>

 <b>stack trace:</b> <br><br>

 <table width=100% bgcolor="#ffffcc">
 <tr>
 <td>
 <code><pre>

[viewstateexception: invalid viewstate. 
	client ip: 127.0.0.1
	port: 64307
	referer: https://localhost:48044/account/login.aspx?returnurl=%2f
	path: /account/login.aspx
	user-agent: mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko
	viewstate: /12345678905ntiymjmwnq9kfgjmd2qwbaibd2qwagikd2qwagibd2qwamypdxyehgruzxh0bsfszwxlyxnlidewljgumtogtg9jywwgrgv2zwxvcg1lbnqeb1zpc2libgvnzgqcaw9kfgqcbq88kwanaqapfgiec18hrgf0yujvdw5kz2rkaggpzbygzg8pfgifaavprw50zxigew91cib1c2vybmftzswgcgfzc3dvcmqsig9yigluc2vydcb5b3vyifbjvibdyxjkigfuzcbjagvjayb0agugym94igjlbg93lmrkagmpdxychwfnzgqcba8pfgifawdkfgqcaq8pfgifaavyugxlyxnligluc2vydcb5b3vyifbjvibdyxjkigludg8gew91cib3b3jrc3rhdglvbidzignhcmqgcmvhzgvylcbhbmqgy2xpy2sgdghlicdmb2dpbibxaxroifbjvibdyxjkjybidxr0b24gymvsb3cuzgqcaw8pfgqfagufawhkzbgbbr5fx0nvbnryb2xzumvxdwlyzvbvc3rcywnrs2v5x18wawuey3rsmdaktwfpbknvbnrlbnqkq2hly2tcb3hqt0fnbrnjdgwwmcrjq2fuy2vsjgn0bdaxbrnjdgwwmcrjq2fuy2vsjgn0bdazls/fm9a6vvp18rwsd2ic7rg/xts=]

[httpexception (0x80004005): validation of viewstate mac failed. if application hosted web farm or cluster, ensure &lt;machinekey&gt; configuration specifies same validationkey , validation algorithm. autogenerate cannot used in cluster.

see http://go.microsoft.com/fwlink/?linkid=314055 more information.]
 system.web.ui.viewstateexception.throwerror(exception inner, string persistedstate, string errorpagemessage, boolean macvalidationerror) +153
 system.web.ui.objectstateformatter.deserialize(string inputstring, purpose purpose) +912
 system.web.ui.util.deserializewithassert(istateformatter2 formatter, string serializedstate, purpose purpose) +61
 system.web.ui.hiddenfieldpagestatepersister.load() +309
 system.web.ui.page.loadpagestatefrompersistencemedium() +367
 system.web.ui.page.loadallstate() +46
 system.web.ui.page.processrequestmain(boolean includestagesbeforeasyncpoint, boolean includestagesafterasyncpoint) +9527
 system.web.ui.page.processrequest(boolean includestagesbeforeasyncpoint, boolean includestagesafterasyncpoint) +355
 system.web.ui.page.processrequest() +75
 system.web.ui.page.processrequest(httpcontext context) +70
 asp.account_login_aspx.processrequest(httpcontext context) in c:\windows\microsoft.net\framework64\v4.0.30319\temporary asp.net files\root\277b2a97\3a0c0b22\app_web_tivyflc5.0.cs:0
 system.web.callhandlerexecutionstep.system.web.httpapplication.iexecutionstep.execute() +798
 system.web.httpapplication.executestep(iexecutionstep step, boolean&amp; completedsynchronously) +91
</pre></code>

 </td>
 </tr>
 </table>

 <br>

 </body>
</html>
"> <servervariables> <item name="all_http"> <value string="http_cache_control:no-cache
http_connection:keep-alive
http_content_length:1369
http_content_type:application/x-www-form-urlencoded
http_accept:text/html, application/xhtml+xml, */*
http_accept_encoding:gzip, deflate
http_accept_language:en-us
http_host:localhost:48044
http_referer:https://localhost:48044/account/login.aspx?returnurl=%2f
http_user_agent:mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko
" /> </item> <item name="all_raw"> <value string="cache-control: no-cache
connection: keep-alive
content-length: 1369
content-type: application/x-www-form-urlencoded
accept: text/html, application/xhtml+xml, */*
accept-encoding: gzip, deflate
accept-language: en-us
host: localhost:48044
referer: https://localhost:48044/account/login.aspx?returnurl=%2f
user-agent: mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko
" /> </item> <item name="appl_md_path"> <value string="/lm/w3svc/2/root" /> </item> <item name="appl_physical_path"> <value string="c:\jjj\fff2v2\dev_mvc\prototype\fff.admin\fff2\" /> </item> <item name="auth_type"> <value string="" /> </item> <item name="auth_user"> <value string="" /> </item> <item name="auth_password"> <value string="*****" /> </item> <item name="logon_user"> <value string="" /> </item> <item name="remote_user"> <value string="" /> </item> <item name="cert_cookie"> <value string="a4b74eb1dcfd75b321ea17b5486687b91900001103c95854d42f7d0345d17c83" /> </item> <item name="cert_flags"> <value string="1" /> </item> <item name="cert_issuer"> <value string="c=us, o=entrust, ou=certification authorities, ou=entrust managed services ssp ca" /> </item> <item name="cert_keysize"> <value string="256" /> </item> <item name="cert_secretkeysize"> <value string="1024" /> </item> <item name="cert_serialnumber"> <value string="49-4a-2a-2c" /> </item> <item name="cert_server_issuer"> <value string="cn=localhost" /> </item> <item name="cert_server_subject"> <value string="cn=localhost" /> </item> <item name="cert_subject"> <value string="c=us, o=u.s. company, ou=dept of ee, ou=civ, cn=gggg uuu (affiliate) + oid.0.9.2342.19200300.100.1.1=15001003062231" /> </item> <item name="content_length"> <value string="1369" /> </item> <item name="content_type"> <value string="application/x-www-form-urlencoded" /> </item> <item name="gateway_interface"> <value string="cgi/1.1" /> </item> <item name="https"> <value string="on" /> </item> <item name="https_keysize"> <value string="256" /> </item> <item name="https_secretkeysize"> <value string="1024" /> </item> <item name="https_server_issuer"> <value string="cn=localhost" /> </item> <item name="https_server_subject"> <value string="cn=localhost" /> </item> <item name="instance_id"> <value string="2" /> </item> <item name="instance_meta_path"> <value string="/lm/w3svc/2" /> </item> <item name="local_addr"> <value string="127.0.0.1" /> </item> <item name="path_info"> <value string="/account/login.aspx" /> </item> <item name="path_translated"> <value string="c:\jjj\fff2v2\dev_mvc\prototype\fff.admin\fff2\account\login.aspx" /> </item> <item name="query_string"> <value string="returnurl=%2f" /> </item> <item name="remote_addr"> <value string="127.0.0.1" /> </item> <item name="remote_host"> <value string="127.0.0.1" /> </item> <item name="remote_port"> <value string="64307" /> </item> <item name="request_method"> <value string="post" /> </item> <item name="script_name"> <value string="/account/login.aspx" /> </item> <item name="server_name"> <value string="localhost" /> </item> <item name="server_port"> <value string="48044" /> </item> <item name="server_port_secure"> <value string="1" /> </item> <item name="server_protocol"> <value string="http/1.1" /> </item> <item name="server_software"> <value string="microsoft-iis/7.5" /> </item> <item name="url"> <value string="/account/login.aspx" /> </item> <item name="http_cache_control"> <value string="no-cache" /> </item> <item name="http_connection"> <value string="keep-alive" /> </item> <item name="http_content_length"> <value string="1369" /> </item> <item name="http_content_type"> <value string="application/x-www-form-urlencoded" /> </item> <item name="http_accept"> <value string="text/html, application/xhtml+xml, */*" /> </item> <item name="http_accept_encoding"> <value string="gzip, deflate" /> </item> <item name="http_accept_language"> <value string="en-us" /> </item> <item name="http_host"> <value string="localhost:48044" /> </item> <item name="http_referer"> <value string="https://localhost:48044/account/login.aspx?returnurl=%2f" /> </item> <item name="http_user_agent"> <value string="mozilla/5.0 (windows nt 6.1; wow64; trident/7.0; rv:11.0) gecko" /> </item> <item name="is_login_page"> <value string="1" /> </item> </servervariables> <querystring> <item name="returnurl"> <value string="/" /> </item> </querystring> <form> <item name="__eventtarget"> <value string="" /> </item> <item name="__eventargument"> <value string="" /> </item> <item name="__viewstate"> <value string="/12345678905ntiymjmwnq9kfgjmd2qwbaibd2qwagikd2qwagibd2qwamypdxyehgruzxh0bsfszwxlyxnlidewljgumtogtg9jywwgrgv2zwxvcg1lbnqeb1zpc2libgvnzgqcaw9kfgqcbq88kwanaqapfgiec18hrgf0yujvdw5kz2rkaggpzbygzg8pfgifaavprw50zxigew91cib1c2vybmftzswgcgfzc3dvcmqsig9yigluc2vydcb5b3vyifbjvibdyxjkigfuzcbjagvjayb0agugym94igjlbg93lmrkagmpdxychwfnzgqcba8pfgifawdkfgqcaq8pfgifaavyugxlyxnligluc2vydcb5b3vyifbjvibdyxjkigludg8gew91cib3b3jrc3rhdglvbidzignhcmqgcmvhzgvylcbhbmqgy2xpy2sgdghlicdmb2dpbibxaxroifbjvibdyxjkjybidxr0b24gymvsb3cuzgqcaw8pfgqfagufawhkzbgbbr5fx0nvbnryb2xzumvxdwlyzvbvc3rcywnrs2v5x18wawuey3rsmdaktwfpbknvbnrlbnqkq2hly2tcb3hqt0fnbrnjdgwwmcrjq2fuy2vsjgn0bdaxbrnjdgwwmcrjq2fuy2vsjgn0bdazls/fm9a6vvp18rwsd2ic7rg/xts=" /> </item> <item name="__eventvalidation"> <value string="/wed22yslzwi7ykva222ghxs5i/gdgslzayxk222ubt+lqapeqxwhoqw8ippjhmjxgvdzyporp2222qsethdf2fkqkt3+giplj222/qq2a+jo7sdw69ci2b222177itzkmejtrs1w7najfkkqn8essz7gk+2222hijolatdrmbkydibi3/e22xjxszlb3zt02vabjbfgx61+zyi3222hiddmdq06row1papcbzabtz5cjbmk6kaeh/l222tzxqxnlc5z7kkxgno0zw1m8i6glrnouriemp0grg==" /> </item> <item name="ctl00$registrationid"> <value string="" /> </item> <item name="ctl00$maincontent$hfreadconsent"> <value string="yes" /> </item> <item name="ctl00$maincontent$userlogin$username"> <value string="" /> </item> <item name="ctl00$maincontent$userlogin$password"> <value string="" /> </item> <item name="ctl00$maincontent$btnloginwithsmartcard"> <value string="login smart card" /> </item> <item name="ctl00$maincontent$checkboxpoam"> <value string="on" /> </item> <item name="__viewstategenerator"> <value string="cd85d8d2" /> </item> </form> <cookies> <item name="__antixsrftoken"> <value string="58a7763a00bb42c286d47ac3ba217e64" /> </item> </cookies> </error>
thanks
edit 1: after executed document.execcommand('clearauthenticationcache');
follow document.location.href="/";
. error goes away after reloaded root url. reloaded page still caches pin. allowed me directly log in after selected popped out certificate without further asked pin number. not know why "clearauthenticationcache" can not clear cached pin.
this may answer question - client sends certificate server. server force client resend certificate. server has no idea browser got certificate - that's os (or 3rd party provider) code talks smart card. it's provider determine when user should re-prompted access smart card.
Comments
Post a Comment