RSS
 

Archive for the ‘ASP.Net’ Category

Encrypt Connection String @Web.config in ASP.Net

05 Jul
  1. using RSA public key encryption. This type of encryption allows the export and import of keys which is useful when the solution is deployed in distributed fashion such as web farm

i implement this method to enable you to encrypt connection string section

         public  void  EncryptConnectionString()
         {
             Configuration  configuration = WebConfigurationManager .OpenWebConfiguration("~" );
             ConfigurationSection  configurationSection = configuration.GetSection("connectionstrings" );
             if (configurationSection != null  && !configurationSection.SectionInformation.IsLocked && !configurationSection.SectionInformation.IsProtected
                 && !configurationSection.IsReadOnly())
             {
                 configurationSection.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider" );
                 configurationSection.SectionInformation.ForceSave = true ;
                 configuration.Save(ConfigurationSaveMode .Full);
             }
             else 
             {
                 if  (configurationSection != null )
                 {
                     configurationSection.SectionInformation.UnprotectSection();
                     configurationSection.SectionInformation.ForceSave = true ;
                 }
                 configuration.Save(ConfigurationSaveMode .Full);
             }
         }
Encryption and decryption is performed using the Windows Data Protection API  (DPAPI). Because
DPAPI does not allow the exporting of keys, this provider  should be used in situations where
the deployed solution is limited to a single  server.


if you want to encrypt any section of configuration file in non- programmatic way. Doing this


means that the configuration section can be encrypted before use and  then, as suggested


earlier, it is decrypted transparently at run time only for  use by the server. This can all


be achieved at the command prompt using the  Aspnet_regiis utility.




Keep, this in your mind ...> It should be noted that the encryption of configuration sections


can cause  problems. If the section is encrypted using DataProtectionConfigurationProvider and


the config file is  moved to a different machine, this new location cannot decrypt the value. With  RSAProtectedConfigurationProvider, however, the key can be  exported to a different machine along with the configuration file; this means  decryption can take place using the same exported key.







			

			 Wikio

			

			Wikio
		
			 

			 
						
 

					

	
					

						

							No Comments
							
Posted  in ASP.Net

						

						
 

					

				

				
							

					
Integrating Twitter Into An ASP.NET Website

					

						

							25
							Mar
						

					

	
					

						

			

			 Wikio

			

			Wikio
		
			 

			 
						
 

					

	
					

						

							No Comments
							
Posted  in ASP.Net

						

						
 

					

				

				
				
			

				

				

			

		

		
		






 


 





You need to log in to vote



The blog owner requires users to be logged in to be able to vote for this post.


Alternatively, if you do not have an account yet you can create one here.


Powered by Vote It Up

					

				

			

			
			
			
			
		

		
		



        
My Highlights
         powered by 
        RoohIt
        (for WordPress)