【IT168技术文档】
在虚拟主机上使用FormsAuthentication,有时为了安全,通常可以使用自己生成随机的machineKey。
using System.Web.Configuration; /**////打开web.config文件,写入新生成的machineKey Configuration config = WebConfigurationManager.OpenWebConfiguration("/"); MachineKeySection configSection = (MachineKeySection)config.GetSection("system.web/machineKey"); configSection.ValidationKey = CreateKey(64); configSection.DecryptionKey = CreateKey(24); configSection.Validation = MachineKeyValidation.SHA1; if (!configSection.SectionInformation.IsLocked) { config.Save(); Response.Write("写入成功!"); } else { Response.Write("写入失败!段被锁定!"); }
using System.Security.Cryptography; /**////生成随机Key public static string CreateKey(int numBytes) { RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); byte[] buff = new byte[numBytes]; rng.GetBytes(buff); System.Text.StringBuilder hexString = new System.Text.StringBuilder(64); for (int i = 0; i < buff.Length; i++) { hexString.Append(String.Format("{0:X2}", buff[i])); } return hexString.ToString(); }
