So I’m building a asp.net mvc application and have been doing testing w/ Cassini (visual studio built in web server; localhost:8080). All is well.
When I published my app to run it locally in IIS (localhost:80) I get:
"Validation of ViewState MAC failed. If this application is hosted by a Web Farm or cluster, ensure that configuration specifies <machineKey> the same validationKey and validation algorithm. Self can not be used in a cluster."
After a bunch of googling I realized that it had to do with viewstate which lead me to the concept that it must have to do w/ the anti forgery token since by definition MVC doesn’t use viewstate outside of that.
I then quickly came the conclusion that the token is dropping and reading a cookie; as it turns out localhost doesn’t differentiate between ports and so it was reading my cassini (8080) token and trying to use it w/ my IIS application (80).
Long story short remove your cookie __RequestVerificationToken_Lw__ and all will be well
Hopefully this will help others get past this issue in less time than it took me (~ an hour)