Hi,

One of our users report that he cannot access the pages in the website, but it doesn't occurs for the other user accounts.

In the system log, I find the exception which is telling that:

2011-09-14 15:52:44,693 ERROR mojoPortal.Web.Global - XXX.XXX.XXX.XXX-en-US - /reports-selection.aspx
System.ArgumentException: Invalid value for 'encryptedTicket' parameter.
   at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
   at mojoPortal.Web.mojoRoleProvider.GetRolesFromCookie()
   at mojoPortal.Web.mojoRoleProvider.GetRolesForUser(String userName)
   at System.Web.Security.RolePrincipal.IsInRole(String role)
   at mojoPortal.Business.WebHelpers.WebUser.IsInRole(String role)
   at mojoPortal.Business.WebHelpers.WebUser.get_IsAdmin()
   at mojoPortal.Business.WebHelpers.WebUser.get_IsAdminOrContentAdmin()
   at mojoPortal.Web.UI.AnalyticsAsyncTopScript.DoInit()
   at mojoPortal.Web.UI.AnalyticsAsyncTopScript.OnInit(EventArgs e)
   at System.Web.UI.Control.InitRecursive(Control namingContainer)
   at System.Web.UI.Control.InitRecursive(Control namingContainer)
   at System.Web.UI.Control.InitRecursive(Control namingContainer)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

I have done some test on that:

1. For the same computer and internet explorer, he can access the page using other user accounts.

2. It does not solved by clearing the explorer cache or using other computer.

3. The error only happens when accessing pages need to check the permission (i.e. "All users" do not have view permission of the page)

4. It can be solved if some specific role membership of that user is removed. (But I have tested other user account having that role can access the pages)

5. The user account having the problem have been created half year ago, the account is used quite frequently and do not have problem.

Do anyone have some suggestions on prevent or solve this problem and what is the reason of the error?

Hi Joe,

Here is some test result.

1. It does not solved if logout and login again.

2. It does not solved if clear the browser cookies.

3. It does not solved if I recycle the application pool, or restart the IIS.

4. I have not changed the mojoportal version and do not change the machine key since the site is opened (for near 1 year), but the problem only happen recently.

5. I have tried to set viewStateEncryptionMode in web.config to "Never", but it does not solved the problem.

I have checked for the error that I think sometimes it return a null value for some roles, so it can be solved if I delete those role membership for the user, but I does not solved the problem as the user missed some roles they should have.

Did they is some limitation for the role settings? For example the maximum role number the system/user can have? I have seen some documents say that it would cause this error if too many roles is added to a single user.