Hello all. I have a problem that is probably failry easy to solve, but
I don't know where to look. (Or, really, what to look for.)
My customer has a tool (written in .NET) that encrypts strings. They
require us to use the tool to encrypt the connection strings to the
"real" database. We have had no problem with that.
However, they also want to use SQL Server to manage session state, and
would really like the ConnectionStrin g to the SQLServer DB that
manages session state to be encrypted/managed thru the same library,
and NOT stored in the web.config. The application stores the encrypted
string somewhere else.
What I'm trying to ascertain is if there is something that I can hook
to, possibly writing a custom library, so that instead of IIS looking
up the Connection String in the web.config file, it would ask my
library to give it the connection string.
As you can no doubt tell, I'm not really sure what I'm asking.
Hopefully, I've given enough information to point me in the right
direction.
Thanks again,
Chris 1 2638
Chris,
Would use of the aspnet_setreg utility (see http://support.microsoft.com/default...b;en-us;821616) be
sufficient? This would allow for use of an encrypted connection string,
albeit not using their preferred library.
Unfortunately, the existing session state loading mechanisms seem to allow
for no other modifiers that would permit specifying an alternate decryptor,
so it would seem there's no way to get your client's desired behaviour
without subclassing the HttpApplication to use an alternate IHttpModule for
session state. That would probably be much more work than it's worth, given
that aspnet_setreg provides a reasonable solution if the main goal is
encryption, rather than encryption with a particular library.
HTH,
Nicole
"Chris Snyder" <ba********@hot mail.com> wrote in message
news:a1******** *************** ***@posting.goo gle.com... Hello all. I have a problem that is probably failry easy to solve, but I don't know where to look. (Or, really, what to look for.)
My customer has a tool (written in .NET) that encrypts strings. They require us to use the tool to encrypt the connection strings to the "real" database. We have had no problem with that.
However, they also want to use SQL Server to manage session state, and would really like the ConnectionStrin g to the SQLServer DB that manages session state to be encrypted/managed thru the same library, and NOT stored in the web.config. The application stores the encrypted string somewhere else.
What I'm trying to ascertain is if there is something that I can hook to, possibly writing a custom library, so that instead of IIS looking up the Connection String in the web.config file, it would ask my library to give it the connection string.
As you can no doubt tell, I'm not really sure what I'm asking. Hopefully, I've given enough information to point me in the right direction.
Thanks again, Chris This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: quique |
last post by:
Hi all,
I want to know the advantages and disadvantages of the
methods of maintain session state, obviously if i choose
sqlserver is the most robust but the less performace..
If wan't to maintain session state in sqlserver, Does
anybody knows when it's saved to database?, on
beguinSession, on endSession...
<sessionState
|
by: A |
last post by:
Hi,
does anybody know how (if possible) to change the database name for the
session database (which is ASPState)?
My problem is that our website/sqlserverdb is hosted by an isp, and we are
not alone (on the server)
Regards,
|
by: Greg Linwood |
last post by:
I'm having difficulty understanding Session state in ASP.Net. It's almost
embarrassing asking this as I've been using ASP since it was first released
& it really shouldn't be this hard to use - perhaps I'm just not very smart
or perhaps MS is making this too hard for us sql bunnies to understand - I
dunno, but I'd really appreciate someone explaining what I'm doing wrong
here & perhaps suggest a better approach..
I'm familiar with use of...
|
by: John Q. Smith |
last post by:
I'm trying to find out some of the details behind OOP
state management with SQL Server. For instance
- how long does the session object live on any server? Is
it created and destoyed with each page request?
- will each reading of a session variable cause a round
trip to the DB server? or does the complete session live
within the HttpContext object?
- when asp.net session state is enabled (in any mode),
after a session has been created,...
|
by: John M |
last post by:
Hello,
On Microsoft Visual Studio .NET 2003,
I want to use some global elements,
that can be used in each one of my pages.
i.e I put a oleDBConnection on global.asax.vb
How can I use it (the oleDBConnection on global.asa.vb) at the other aspx
pages ?
| |
by: Al Fatykhov |
last post by:
Using MABLE logic engine with existing .NET applications.
MABLE web services provide an interface to MABLE business objects and logic.
Let us review some technical details of the MABLE web services.
· MABLE utilizes SOAP 1.2 protocol.
· MABLE uses AXIS 1.4 as a web service transport.
· MABLE support state-full conversations by implementing a conversation
session.
|
by: booksnore |
last post by:
I have an application where a have a single admin database and multiple
customer databases containing the customer's warehouse data. In the
admin database I hold a user table and also a client table which holds
the encrypted individual clients connection string to their database. At
the moment on every page of my web app I make a call to the admin
database to retrieve the connection string and then decrypt it (the
web.config holds the...
|
by: JoeSep |
last post by:
Hi!
Is it correct/safe to define a connection pool in the string
"sqlConnectionString" of the "sessionState" section of Web.config?
- The application is developed using AspNet 1.1 in a Windows Server 2003.
- The AspState DB is defined in a Sql Server 2000 DB on another server.
I have added this definition to the Web.config file:
<sessionState
mode="SQLServer"
|
by: Andrew Teece |
last post by:
Hope someone can help.
We are trying to deploy an ASP.Net 2.0 application to a 3-node webfarm.
The application uses the ReportViewer control in local mode, hence we
need session state.
Because we dont wan't a single point of failure we use SQL Session
State.
I have setup a persistant sql session state database on a SQL 2000
server (this is a cluster in production, so no SPOF)
I have setup our web.config files to include;
" <sessionState...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |