Skip to content

Failed to authenticate session

Problem

You are unable to browse Zervicepoint UserWeb or AdminWeb. The following error appears in the Eventlog.

Source: UserWeb/AdminWeb

Message: Failed to authenticate session. Possibly because machineKey was changed in web.config or the webserver has been 
reinstalled? Clearing session cookies. Exception: System.InvalidOperationException: ID1073: A CryptographicException 
occurred when attempting to decrypt the cookie using the ProtectedData API (see inner exception for details). If you are 
using IIS 7.5, this could be due to the loadUserProfile setting on the Application Pool being set to false.  ---> System.
Security.Cryptography.CryptographicException: Key not valid for use in specified state.

Solution

In some environments it is required that the Application Pool is set the load the user profile of the account running the service. Do this in the IIS console on the frontend server, on the Advanced Settings for the Application Pool running the Zervicepoint sites.

If you have a load balanced frontend (two or more servers)

You will need to set a machine key on all balanced frontend servers through IIS.

  1. Open IIS on the first frontend server.
  2. Select the website (UserWeb and/or AdminWeb).
  3. Double click Machine Key
  4. Click 'Generate Keys' on the far right.
  5. Copy the keys and click Apply.
  6. Add these keys to the second frontend server's Machine Key settings.
  7. Repeat the steps for all balanced sites and servers.

Troubleshooting guidelines