Appreciate this is more of a .NET question, but I wonder whether you chaps had done anything along these lines before?
Our web servers are balanced across two servers. We have a load balancing software, although what algorithm it used when deciding which server to send visitors too is beyond my knowledge.
The problem I am having is that we enable users to create new media in that they upload documents to the server via a user control. We get around the load balancing situation by using a DNS name for one server so that all documents are stored on that one server.
We are having a problem in that when one user accesses the upload form, he is being asked to login again, being presented with a login form rather than the upload form.
I can only assume it is because the authentication token is not being passed to the upload server and he has authenticated on the non-upload server. Although I am more than willing to bow to superior knowledge!
1. Do you share Session-State over the to Servers? It's not possible to use InProc for the session state you need to use State-Server, SQL Server Session State or something like AppFabric (Codename Velocity) that both servers can access session state.
2. I think you need to specify a machinekey in your web.config file that each server is able to decrypt the data in the user-session. This should look like this:
ASP.NET Authentication & Load Balancing
Hi all,
Appreciate this is more of a .NET question, but I wonder whether you chaps had done anything along these lines before?
Our web servers are balanced across two servers. We have a load balancing software, although what algorithm it used when deciding which server to send visitors too is beyond my knowledge.
The problem I am having is that we enable users to create new media in that they upload documents to the server via a user control. We get around the load balancing situation by using a DNS name for one server so that all documents are stored on that one server.
We are having a problem in that when one user accesses the upload form, he is being asked to login again, being presented with a login form rather than the upload form.
I can only assume it is because the authentication token is not being passed to the upload server and he has authenticated on the non-upload server. Although I am more than willing to bow to superior knowledge!
Thanks for any ideas you may have.
Cheers,
Darryl
I'm currently reading this article:
http://msdn.microsoft.com/en-us/library/ms998288.aspx
I wonder whether this is the problem.
Hi,
there are two things that come into my mind:
1. Do you share Session-State over the to Servers? It's not possible to use InProc for the session state you need to use State-Server, SQL Server Session State or something like AppFabric (Codename Velocity) that both servers can access session state.
2. I think you need to specify a machinekey in your web.config file that each server is able to decrypt the data in the user-session. This should look like this:
try googeling about this ;)
Hope this helps
Toby
is working on a reply...