Hi, my asp.net application is accessing a mssql on another server.
This works fine when I use this in my web.config file:
<add key="dbkey" value="server=1 92.12.12.1;data base=mydb;user= dbuser;password =mypassword"
/>
However I don't like to store my password in plain text.
I played around with aspnet_setreg.e xe and I followed those
instructions: http://support.microsoft.com/default...;en-us;Q329290
However my application says ' Could not create Windows user token from
the credentials specified in the config file'
when I use it in the recommended way:
<identity impersonate="tr ue"
userName="regis try:HKLM\SOFTWA RE\MYDB\identit y\ASPNET_SETREG ,userName"
password="regis try:HKLM\SOFTWA RE\MYDB\identit y\ASPNET_SETREG ,password"
/>
I don't really need the asp.net worker process to run impersonate. All
I need is to store and transmit the password encrypted.
Does anyone have a suggestion?
Thanks 3 13388
You can try the dpapi. http://msdn.microsoft.com/library/de...l/secmod22.asp
"Henry" wrote: Hi, my asp.net application is accessing a mssql on another server. This works fine when I use this in my web.config file:
<add key="dbkey" value="server=1 92.12.12.1;data base=mydb;user= dbuser;password =mypassword" />
However I don't like to store my password in plain text.
I played around with aspnet_setreg.e xe and I followed those instructions:
http://support.microsoft.com/default...;en-us;Q329290
However my application says ' Could not create Windows user token from the credentials specified in the config file'
when I use it in the recommended way:
<identity impersonate="tr ue" userName="regis try:HKLM\SOFTWA RE\MYDB\identit y\ASPNET_SETREG ,userName" password="regis try:HKLM\SOFTWA RE\MYDB\identit y\ASPNET_SETREG ,password" />
I don't really need the asp.net worker process to run impersonate. All I need is to store and transmit the password encrypted.
Does anyone have a suggestion?
Thanks
What you are doing when you use setreg the way you did was to impersonate the aspnet process, meaning that all the resources that your web app accesses will run under that user. For this to happen, the user that you specified, must be a user with a valid account. Hence your error!
If you want this to work with SQL Server, you must use windows authentication to connect to your SQL Server, but your connection string shows that you are using SQL authentication.
So you have two choices.
1 - Use windows authentication to connect to SQL Server. You can create an account on your web server, set this user account with setreg, and put it in the identity element as you did. Then create the same user and password on the SQL Server and give that user access to your database.
2 - With setreg there is also an option to store your entire connectionstrin g in a similar fashion as the username. You can continue using SQL Server authentication, and whenever you need to connect to the database you would retrieve the value of the connectionstrin g from the web.config file as usual.
Of the two, I would recommended the first one because the password is stored and transmited with windows NTLM and is thus more secure.
Hope this helps,
John
"Henry" wrote: Hi, my asp.net application is accessing a mssql on another server. This works fine when I use this in my web.config file:
<add key="dbkey" value="server=1 92.12.12.1;data base=mydb;user= dbuser;password =mypassword" />
However I don't like to store my password in plain text.
I played around with aspnet_setreg.e xe and I followed those instructions:
http://support.microsoft.com/default...;en-us;Q329290
However my application says ' Could not create Windows user token from the credentials specified in the config file'
when I use it in the recommended way:
<identity impersonate="tr ue" userName="regis try:HKLM\SOFTWA RE\MYDB\identit y\ASPNET_SETREG ,userName" password="regis try:HKLM\SOFTWA RE\MYDB\identit y\ASPNET_SETREG ,password" />
I don't really need the asp.net worker process to run impersonate. All I need is to store and transmit the password encrypted.
Does anyone have a suggestion?
Thanks
thanks for your answers.
both servers (web,db) have an identical user account (dbuser). Those
are local accounts.
I tried to get it to work without the encryption first:
in my web.config I have:
<authenticati on mode="Windows" />
<identity impersonate="tr ue"
userName="dbuse r"
password="secre t"
/>
<add key="dbkey" value="Integrat ed Security=SSPI;P ersist Security
Info=False;Init ial Catalog=mydb;Da ta Source=192.12.1 2.1;Connect
Timeout=30" />
After I added the proper permissions to the used 'dbuser' I get this
error:
Login failed for user '(null)'. Reason: Not associated with a trusted
SQL Server connection.
It seems that the impersonated user does not get transmitted during
database connection. I also played with the IIS authentication methods
but to no avail.
Thanks, Henry
John Sivilla <Jo*********@di scussions.micro soft.com> wrote in message news:<43******* *************** ************@mi crosoft.com>... What you are doing when you use setreg the way you did was to impersonate the aspnet process, meaning that all the resources that your web app accesses will run under that user. For this to happen, the user that you specified, must be a user with a valid account. Hence your error!
If you want this to work with SQL Server, you must use windows authentication to connect to your SQL Server, but your connection string shows that you are using SQL authentication.
So you have two choices.
1 - Use windows authentication to connect to SQL Server. You can create an account on your web server, set this user account with setreg, and put it in the identity element as you did. Then create the same user and password on the SQL Server and give that user access to your database.
2 - With setreg there is also an option to store your entire connectionstrin g in a similar fashion as the username. You can continue using SQL Server authentication, and whenever you need to connect to the database you would retrieve the value of the connectionstrin g from the web.config file as usual.
Of the two, I would recommended the first one because the password is stored and transmited with windows NTLM and is thus more secure.
Hope this helps, John
"Henry" wrote:
Hi, my asp.net application is accessing a mssql on another server. This works fine when I use this in my web.config file:
<add key="dbkey" value="server=1 92.12.12.1;data base=mydb;user= dbuser;password =mypassword" />
However I don't like to store my password in plain text.
I played around with aspnet_setreg.e xe and I followed those instructions:
http://support.microsoft.com/default...;en-us;Q329290
However my application says ' Could not create Windows user token from the credentials specified in the config file'
when I use it in the recommended way:
<identity impersonate="tr ue" userName="regis try:HKLM\SOFTWA RE\MYDB\identit y\ASPNET_SETREG ,userName" password="regis try:HKLM\SOFTWA RE\MYDB\identit y\ASPNET_SETREG ,password" />
I don't really need the asp.net worker process to run impersonate. All I need is to store and transmit the password encrypted.
Does anyone have a suggestion?
Thanks This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: wqhdebian |
last post by:
As far as I know,when encrypt or decrypt ,a key must first be got,and
the key is first generate by a tool or from SecurityRandom,that means
I can not generate the same key with the same input.Does there is a
method which can generate a same with the same input string?
There is a need to transfer file between to site,and the customer
wish to encrypt these files during transfering,and they want to store
a string into each database at...
|
by: CLEAR-RCIC |
last post by:
Hello All:
I want to encrypt a username/password inside a config file that will be read
and decrypted by a .dll. I have discovered many ways to do this looking at
Google but was wondering if anyone could recomend one method over another.
Any thoughts?
|
by: Anand |
last post by:
Hi,
I want to encrypt userid and password on the web config
file. I ran the aspnet_setreg.exe and encrypted it on the
registry and in the web config file i wrote
<identity impersonate = "true"
userName="registery:HKLM:\SOFTWARE\MYAPP\identity\ASPNET_SE
TREG,userName"
password=="registery:HKLM:\SOFTWARE\MYAPP\identity\ASPNET_S
|
by: Alex Nitulescu |
last post by:
Hi. I am writing an app which stores usernames/passwords and email addresses
in a database table.
The question is how can I encrypt the password provided by the user ?
FormsAuthentication.Encrypt produces an encrypted string, but it is for use
in a ticket.
On the other hand, FormsAuthentication.HashPasswordForStoringInConfigFile
produces an encrypted string for use in a config.xml file.
|
by: Gabor |
last post by:
Hi,
I have an app. that uses an MSDE database. I hardcoded the login and
password in the application, but it is very simple to see with an ILDASM.exe
tool.
Is it any procedure to obscure the hard coded connection string, or how can
I connect to the database with an encrypted password?
Thanks in advance
| |
by: Jean Christophe Avard |
last post by:
Hi! I am designing an application wich comes with image file. These images
are copyrighted and they have to be accessible only from within the
application. At first, I tought I was going to store them in a database, but
since there will be much more than 2go, I'm going to need multiple database,
and it's no good for CPU performance...
I read about encrypting picture instead of storing them in a DB. But I only
found thing about string...
|
by: google |
last post by:
OK, I know how to encrypt and decrypt data, but here's the deal:
I have a large Winforms .NET 2.0 application which is currently storing
the connection string in the app.config file unencrypted (currently
using Windows integrated security, so there's no password). There are
only 3 users using the app right now, but that will change soon and
we're not going to have our DBAs add every user to the database... Our
data entry personnel have...
|
by: Aneesh P |
last post by:
Hi All,
I need to encrypt some fields esp password key values in configuration
file while installting the application using .Net installer project
and decrypt those values from my solution(windows service). Is there
any built in method in.Net that I can use. The flow would be like
this:
Accept username/password from .Net installer dialog
V
|
by: cnivas |
last post by:
Hai All,
Good Evening,
I'm doing a small application using python and MySQL in APPLE MACINTOSH OPERATING SYSTEM. I want to to store the password in encrypted form in the database. While retriving the password it should check the encrypted text with the plain text and it should navigate to the other form.
I have done the encrypted form, but while checking the parameters it should not check the plain text with the encrypted text. It only...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |