Event ID 1309 Event Code: 3005

Question

User-1843901749 posted

Hi,

First time poster so I hope I do this right.

I have a frustrating problem on my Winsrv 2008 R2 x64 sp1 running IIS 6.1.
On this server we run a web application called PBM for Hogia. Which is an economy program.
The webapp is using ASP.NET 4.0.30319

As I am new at this company, I do now know when this problem started. All I know is that it is a problem.

The application log is literally flooded with event id 1309 event code 3005.
Error is shown below:

Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 2014-09-23 14:41:33
Event time (UTC): 2014-09-23 12:41:33
Event ID: 419e34823acc437488d857ec92e1f349
Event sequence: 4933
Event occurrence: 16
Event detail code: 0

Application information:
Application domain: /LM/W3SVC/1/ROOT/Pbm-1-130559415756335150
Trust level: Full
Application Virtual Path: /Pbm
Application Path: C:\Program Files (x86)\Hogia\Hogia.Pbm.WebClient\
Machine name: SERVER

Process information:
Process ID: 3708
Process name: w3wp.exe
Account name: IIS APPPOOL\ASP.NET v4.0 Pbm

Exception information:
Exception type: HttpException
Exception message: Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
at Hogia.Web.Security.AuthenticationManager`1.get_CurrentTicket()
at Hogia.Web.Security.AuthenticationManager`1.AuthenticateRequest(Boolean renewTicket)
at Hogia.Web.Mvc.Controller`1.AuthenticateRequest()
at Hogia.Web.Mvc.Controller`1.Initialize(RequestContext requestContext)
at System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext)
at System.Web.Mvc.MvcHandler.<>c__DisplayClass6.<>c__DisplayClassb.<BeginProcessRequest>b__5()
at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass1.<MakeVoidDelegate>b__0()
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Request information:
Request URL: http://server/Pbm?pbmCS=aHR0cDovL01PUlZNSFIwMS9DcmVkZW50aWFsU2VydmljZS8=&pbmCsUrl=aHR0cDovL01PUlZNSFIwMS9DcmVkZW50aWFsU2VydmljZS8vU2VydmljZS5hc214&pbmToken=TnpKbE1qVmpOV1F0TkdRelpDMDBOemc1TFdFMk5Ea3RZbUV3TVRneE9ETmhZV1kwT0RaQlFqQXdSREUxUVRFM016bEdRVU5GTlVJek5FTkZNRVEwTVRjeU5qUkVPRVF3TmpNMFF3PT0=&pbmUrl=aHR0cDovL21vcnZtaHIwMS9CdXNpbmVzc01hbmFnZXIvRGVmYXVsdC5hc3B4
Request path: /Pbm
User host address: 126.1.84.83
User:
Is authenticated: False
Authentication Type:
Thread account name: IIS APPPOOL\ASP.NET v4.0 Pbm

Thread information:
Thread ID: 48
Thread account name: IIS APPPOOL\ASP.NET v4.0 Pbm
Is impersonating: False
Stack trace: at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket)
at Hogia.Web.Security.AuthenticationManager`1.get_CurrentTicket()
at Hogia.Web.Security.AuthenticationManager`1.AuthenticateRequest(Boolean renewTicket)
at Hogia.Web.Mvc.Controller`1.AuthenticateRequest()
at Hogia.Web.Mvc.Controller`1.Initialize(RequestContext requestContext)
at System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext)
at System.Web.Mvc.MvcHandler.<>c__DisplayClass6.<>c__DisplayClassb.<BeginProcessRequest>b__5()
at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass1.<MakeVoidDelegate>b__0()
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)


Custom event details:

This gets generated every time a user tries to access the webpage. However - if they clear out their internet settings, they can access the site temporarely.
This is the error the user is presented.

I don't really know where to start to try getting this solved. Could you give me any advice?

Thank you in advance.

Answer 1

User1713535270 posted

From the screen capture, it could be due to database connection issue. Is your application connected to database server and is it working fine?

Answer 2

User-823319154 posted

Hi aslev,

First it's recommended to enable the failed Request Tracing in IIS, this will give us some hint on why a request has failed.

It's also recommended to use Log Parser Tool from Microsoft Download Center to parser the error message, see: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07 

Please let me know if there is anything that I can do to help.

Best regards,

Angie

Answer 3

User-1843901749 posted

Hi,

Thank you both for a quick response.

I have enabled the Tracer and trying to work out how it works to get the proper log from it.

The application is connected to another server running sql 2008 r2 which is running ok. We recently upgraded it from sql 2005 just a few months ago, the problems have escalated since then. We a have a full server migration in the pipeline but its another 6 months away atleast so I have to deal with this.

Answer 4

User1183424175 posted

Hi,

According to your description, I also think it seems to be sql server connection issue. I think you can try adding userid and password(sa or other) in the connection string.