Using machineKey with ASP.NET Membership

mbrship-1.pngEither you run your web site in the shared hosting environment or on your local IIS server, you likely have several ASP.NET applications running in the same root directory. Each of them can be configured as a separate web application and run totally independent from others. Although BlogEngine is not (yet) multi-blogging platform, you can easily run bunch of BlogEngins on the same root for number of bloggers. Lets say, you have 3 bloggers contributing to your site and you want each of them have their very own blog, then you create similar structure:

Copy instance of BlogEngine into every subdirectory and configure it as application in the IIS, and it looks like you all set. John comes in, logs into his site as admin and everything seems to be working just fine. But then he goes to the Mark's site and finds out that he can administer that one too. What's going on? Simple, both sites are using ASP.NET membership and both run on the same box - and IIS assumes that you want single sign-in functionality by default. This is a cool feature, with no coding required you get single sign-in for free. This is great - but not exactly what we want in our case.

Fortunately, it is easy to tell IIS that you want each site use it's own membership, you only need to change machine key value in the web configuration file. This is big ugly encrypted value that will be different on every PC, but you don't need to have multiple computers to generate them. Just go to machineKey Generator web site and push "Generate" button (leaving all defaults), then copy and paste result in the web config replacing standard machine key. Repeat for each blog you want use it's own membership provider, and security roles for each site will no longer interfere with each other.


This site is all about developing web applications with focus on designing and building open source blogging solutions. Technologies include ASP.NET Core, C#, Angular, JavaScript and more.