I have an application which is installed on a network share to be run
from one or more workstations. I have granted trust to the
applications on the workstations and the appropriate permissions on the
shared folder and the user's can execute the app with no problem.
I do have a problem, however, after the application starts. In the
application's .config file, the connectionStrin gs section of the file
is encrypted upon first run of the app (this is temporary). When
encrypted, the connectionStrin gs section can only be successfully
decrypted on the machine that first encrypted it. Other workstations
will not be able to run because they cannot decrypt the
connectionStrin gs section.
Here is the code used to encrypt the connectionStrin gs section of the
..config file:
//Encrypts the connectionStrin gs section of the .config file if
not already
static void ConfigEncryptio n()
{
string exeName = Assembly.GetExe cutingAssembly( ).Location;
// Open the configuration file and retrieve
// the connectionStrin gs section.
Configuration config =
ConfigurationMa nager.OpenExeCo nfiguration(exe Name);
ConnectionStrin gsSection section =
config.GetSecti on("connectionS trings") as ConnectionStrin gsSection;
//If the section is not already encrypted
if (!section.Secti onInformation.I sProtected)
{
// Encrypt the section.
section.Section Information.Pro tectSection("Rs aProtectedConfi gurationProvide r");
// Save the current configuration if we encrypted it
config.Save();
}
}
I believe my problem stems from the fact that when encrypted, the
encryption keys used are based on the machine that did the encrypting.
Other machines, because they do not have the keys, cannot decrypt the
connectionStrin g. Somehow, I need to let the other workstations know
how to decrypt the connectionStrin g section of the .config file.
Can anyone suggest any means to do what I want? What I want is the
following:
1. Be able to run the app from a network share from one or more
workstations.
2. Be able to encrypt the connectionStrin gs section of the .config
file.
Thanks for any information,
Chris 5 2471
Well, have you tried looking into the DpapiProtectedC onfigurationPro vider? I
suspect you may be able to export the dpapi keys and import them into the
other user's (or machines) profiles. Perhaps. Maybe.
Marc
Marc,
That's not going to work, as I think you have to base it either on the
machine, or the user, both of which will create a problem in this situation.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"Marc Gravell" <ma**********@g mail.comwrote in message
news:u7******** ******@TK2MSFTN GP03.phx.gbl...
Well, have you tried looking into the DpapiProtectedC onfigurationPro vider?
I suspect you may be able to export the dpapi keys and import them into
the other user's (or machines) profiles. Perhaps. Maybe.
Marc
Fair enough; I was thinking of asp.net, where you can use aspnet_regiis with
"-pc -exp" (generate), "-px -pri" (export), "-pi" (import), "-pa" (grant
access) and "-pe" (encrypt) to share the encyption keys around a cluster.
Oh well... sorry if I only added confusion...
Marc
If I may ask. Why not use integrated security, then you don't have to worry
about the connection string?
--
William Stacey [MVP]
"Chris Dunaway" <du******@gmail .comwrote in message
news:11******** *************@p 79g2000cwp.goog legroups.com...
|I have an application which is installed on a network share to be run
| from one or more workstations. I have granted trust to the
| applications on the workstations and the appropriate permissions on the
| shared folder and the user's can execute the app with no problem.
|
| I do have a problem, however, after the application starts. In the
| application's .config file, the connectionStrin gs section of the file
| is encrypted upon first run of the app (this is temporary). When
| encrypted, the connectionStrin gs section can only be successfully
| decrypted on the machine that first encrypted it. Other workstations
| will not be able to run because they cannot decrypt the
| connectionStrin gs section.
|
| Here is the code used to encrypt the connectionStrin gs section of the
| .config file:
|
| //Encrypts the connectionStrin gs section of the .config file if
| not already
| static void ConfigEncryptio n()
| {
| string exeName = Assembly.GetExe cutingAssembly( ).Location;
|
| // Open the configuration file and retrieve
| // the connectionStrin gs section.
| Configuration config =
| ConfigurationMa nager.OpenExeCo nfiguration(exe Name);
|
| ConnectionStrin gsSection section =
| config.GetSecti on("connectionS trings") as ConnectionStrin gsSection;
|
| //If the section is not already encrypted
| if (!section.Secti onInformation.I sProtected)
| {
| // Encrypt the section.
|
|
section.Section Information.Pro tectSection("Rs aProtectedConfi gurationProvide r");
|
| // Save the current configuration if we encrypted it
| config.Save();
| }
| }
|
| I believe my problem stems from the fact that when encrypted, the
| encryption keys used are based on the machine that did the encrypting.
| Other machines, because they do not have the keys, cannot decrypt the
| connectionStrin g. Somehow, I need to let the other workstations know
| how to decrypt the connectionStrin g section of the .config file.
|
| Can anyone suggest any means to do what I want? What I want is the
| following:
|
| 1. Be able to run the app from a network share from one or more
| workstations.
| 2. Be able to encrypt the connectionStrin gs section of the .config
| file.
|
| Thanks for any information,
|
| Chris
|
William Stacey [MVP] wrote:
If I may ask. Why not use integrated security, then you don't have to worry
about the connection string?
Well, the simple answer to that is that I don't have control over that.
We just want to prevent casual browsing of the database. Encrypting
the connection string in this manner seemed a very simple way of doing
it. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Paul Robinson |
last post by:
I am developing a website in ASP that connects to a Sybase database.
However, when I try to open a connection to the database the page will not
load. The script does not timeout, nor the connection. Further, the Sybase
server shows no connection. Because the page is hanging I am unable, with my
limited knowledge, to query the error collection.
After many tries I will get an error page ...HTTP 403.9 Access forbidden:
Too many users are...
|
by: Mike Dole |
last post by:
I'm working on a client - server application based on the 'How to
Sockets Server and How to Sockets Client' code from the Visual Basic
..NET Resource Kit.
Since I want to be able to send 'big strings' instead of 'one liners'
I check the streams for terminators.
I'm having problems with the connection, I've been looking and
debugging for 2 weeks now (debugging with an emulator is terribly
slow..) but I'm not getting it...
|
by: Dayne |
last post by:
Guys,
I am writing a database application(vb.net , sql server) and is presently
storing the connection settings in a xml file...not very secure though. What
is a safer method in a dynamic environment?
Dayne
|
by: Brian Conway |
last post by:
I have no idea what is going on. I have a Login screen where someone types
in their login information and this populates a datagrid based off of the
login. Works great in debug and test through VS, however, when I change to
release and put it out on the web it fails giving me the following error
message
The underlying connection was closed. Could not establish a trust
relationship with the remote server.
|
by: vighnesh |
last post by:
Hi All
I am dealing a project in ASP.NET in which I have to establish a connection
to SQL Server 2000 database,where the database was located on a remote
system.
For this I have used SQLConnection object and specified the connetion
string.But when it comes to establish a connection its giving me the Error
that
I. Connection string : workstation id=localhost;packet size=4096;user
| |
by: hfk0 |
last post by:
Hi,
I have a simple asp.net application running ok on my WinXP development
server with SQL Server Express 2005 installed locally. After moving to
the live server (Win 2000 server with MSDE 2000 installed locally),
it's giving me the 'SQL Network Interface Error (error 25): connection
string is not valid'.
So far, i've tried using the following connection string in my
web.config file:
|
by: girthyvhf |
last post by:
Hello all,
I am trying to use the example for encrypting connection strings
called:
How To: Build And Run the Protected Configuration Provider Example.
This is located in VS 2005 help at:
ms-help://MS.VSCC.v80/MS.MSDN.v80/MS.VisualStudio.v80.en/dv_aspnetcon/html/7ed8b347-c790-4768-9ae3-53ddc934ac78.htm
|
by: crbd98 |
last post by:
Hello All,
Some time ago, I implemented a data access layer that included a simple
connectin pool. At the time, I did it all by myself: I created N
connections, each connection associated with a worker thread that would
execute the db commands. The pool was fixed and all the connections
were created when the db access class was instantiated. The
connections remained opened during the whole execution. If a connection
was not available...
|
by: SeeSharp Bint |
last post by:
Visual Studio 2005, dotnet, c#. Microsoft SQL Server. Windows XP forms
application.
Temporarily, for my database application, I have been storing the various
elements of database connection items like datasource,password,userid as
plain strings in the registry.
I'd now like to make these secure against people reading them.
I thought of encrypting/decrypting each string when i write to the registry
but I wouldnt know where to find a...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |