asp.net mvc web application hosted as azure app service, this uses forms authentication. The site when accessed after a week gives error

Question

asp.net mvc web application hosted as azure app service, this uses forms authentication.

• The site when accessed after a week gives error and I can login to the site and browse.

When I try to submit a form on the site it gives error

"Error An error occurred while processing your request" Without making any changes to the code, if i republish the code to azure or restart the app service, the error is gone.

I looked at the application event log in azure portal.

it has this error 4005 Forms authentication failed for the request. Reason: The ticket supplied has expired.

Answer 1

Hello Tasneem Nomani,

Welcome to the Microsoft Q&A and thank you for posting your questions here.

Problem

I understand that you are having an error: "An error occurred while processing your request" during submission of your asp.net mvc web application hosted as azure app service mostly after a week deployment and error code 4005 Forms authentication failed for the request and reason: "The ticket supplied has expired." was found in the log.

Solution

The error indicates that the authentication ticket (cookie) used for Forms Authentication has expired. This issue can occur if the authentication ticket's expiration is set to a short duration or if there's a mismatch between the ticket's expiration and the application's session timeout.

The followings are possible solution I can think of:

1. In the web.config file, check the timeout attribute in the <forms> tag under <authentication>. You might want to increase this value to a more extended period that matches the expected user activity duration this will increase the Timeout Duration:

      <authentication mode="Forms"> 
             <forms loginUrl="~/Account/Login" timeout="2880" />
       </authentication>
   

   Here, timeout="2880" sets the expiration to 2880 minutes (48 hours).
2. Ensure that the slidingExpiration attribute is set to true. This will reset the expiration time each time the user makes a request, keeping the user logged in as long as they are active. For example:

      <authentication mode="Forms"> 
             <forms loginUrl="~/Account/Login" timeout="2880" slidingExpiration="true" />
       </authentication>
   

3. Ensure that the <machineKey> element in the web.config file is explicitly set, as inconsistent machine keys can lead to issues with authentication cookies. For example:

      <machineKey 
               validationKey="A_VALIDATION_KEY" 
                 decryptionKey="A_DECRYPTION_KEY"
      validation="SHA1" />
   

4. Look into the scaling settings, app service plan configuration, and any potential memory issues.

Accept Answer

I hope this is helpful! Do not hesitate to let me know if you have any other questions.

** Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful ** so that others in the community facing similar issues can easily find the solution.

Best Regards,

Sina Salam

Answer 2

A week? It sounds to me like you don't have forms auth configured properly.

1. When you sign in initially do you check any option about remembering the user information?
2. If you close the browser and open it back up do you get prompted to log in again or do you get auto-logged in?
3. If you sign out of your app and then sign back in does it work?

With just the limited information provided it sort of sounds like you're logging the user in once and then reusing their credentials until eventually the credentials expire. 1 week is way too long for credentials to be valid for though. 20 minutes, with sliding expiration, is a general recommendation with 1 hour being an upper limit.