开发者

How to encrypt username and password in Web.config in C# 2.0

开发者 https://www.devze.com 2023-03-11 07:13 出处:网络
I have the entries below in my Web.config and I am using .NET 2.0 and C# for coding. <add key=\"userName\" value=\"s752549\"/>

I have the entries below in my Web.config and I am using .NET 2.0 and C# for coding.

 <add key="userName" value="s752549"/>
 <add key="userPassword" value="Delhi@007"/>

Now I want this to be encrypted so that开发者_如何学JAVA nobody can see it, and also these passwords may change frequently (every fifteen days).


Just wanted to add to this, the marked answer was 99% complete, but it didn't provide how to specify the location of the web config. Rather than root around the internet, thought I'd just post the complete command. As such, here is the command I executed

C:\Windows\Microsoft.NET\Framework64\v4.0.30319>aspnet_regiis -pef "secureAppSettings" "C:\MyLocalPublishDirectory\MyApp" -prov DataProtectionConfigurationProvider


You could put the username and password into a separate section and encrypt this section only. For example:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <configSections>
        <section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
    </configSections>

    <appSettings>
        <add key="Host" value="www.foo.com" />
        <add key="Token" value="qwerqwre" />
        <add key="AccountId" value="123" />
        <add key="DepartmentId" value="456" />
        <add key="SessionEmail" value="foo@foo.com" />
        <add key="DefaultFolder" value="789" />  
    </appSettings>

    <secureAppSettings>
        <add key="userName" value="s752549"/>
        <add key="userPassword" value="Delhi@007"/>

    </secureAppSettings>  
</configuration>

and then use aspnet_regiis

For Ex: 
aspnet_regiis -pef secureAppSettings . -prov DataProtectionConfigurationProvider


You can Protect / Unprotect entire config sections in .NET.

For more info see http://www.codeproject.com/Articles/38188/Encrypt-Your-Web-config-Please.aspx


you could use aspnet_regiis, see http://msdn.microsoft.com/en-us/library/zhhddkxy(v=VS.80).aspx

0

精彩评论

暂无评论...
验证码 换一张
取 消