A web page needs a read-only TextBox, the value of which will be set by client-side JavaScript (that pops up a picklist and chooses a value…). Users should not be able to modify the TextBox contents directly. To disable user input, we tried setting the TextBox’s properties “ReadOnly=true” and separately “Enabled=false”. This worked in ASP.Net 1.1.
However, ASP.NET 2.0, a security enhancement was made so that changes to values in ReadOnly or Disabled TextBoxes are ignored; the original value, stored in ViewState is presented on the server.
What is a valid work-around for this situation?
We added the HTML attribute “ReadOnly” to the TextBox manually, using code like:
TextBox1.Attributes.Add("ReadOnly", "true");
This ended up working: it appears that the browser respects the HTML tag, and ASP.NET is tricked into thinking the control is not read only. Is this the best workaround, or is there a better hook?
In ASP.NET 2.0 when you are using ReadOnly property, user can’t enter anything in textbox by any wayTo restrict user entry you should use:
TextBox1.Attributes.Add("contentEditable", "false");


We are using Forms Authentication.It was working fine for us until we started using a load balancer with three IIS boxes. We are not setting an encryption key anywhere. We are using the encryption provided by ASP.NET 2.0 We are getting the following exception now. I believe it is failing when consecutive requests are going to different IIS boxes and the different IIS boxes are not sharing an encryption key. Any idea?
Good start to resolve this would be: How To: Configure MachineKey in ASP.NET 2.0
More: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/paght000007.asp