I would like to know the best way to store credentials in a c# application.
I am writing some administrative tools and will need to store username and
password information for a domain account with elevated privileges. While I
am sure this is not a "best practice" I have not come up with a way around
this as not all users of the app will have the permissions on their accounts.
Any advice on is most appreciated.
Thanks
--
Adam S
May 15 '07
13  12691 
Right, but those programs are running under a set of user credentials,
the credentials are not embedded anywhere in those apps. This user is
suggesting embedding the credentials in his application somehow.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
"Christof Nordiek" <cn@nospam.dewr ote in message
news:O%******** ********@TK2MSF TNGP02.phx.gbl. ..
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c omschrieb
im Newsbeitrag news:8A******** *************** ***********@mic rosoft.com...
> I get that, but I can't even begin to tell you what a monumentally bad
idea that is. If a user doesn't have permission to perform an action,
there is a very good reason for it, and if they need to perform an
action, they should know the credentials of an account which can perform
it, or they should be given rights to do it.
But when I start a service, the service may run under a service account
and may have permissions that the I don't have.
Another example would be a server application like a web application on
ISS. The web application can, on behalf of the user, can do things, the
user wouldn't be able directly.
Maybe this is a solution for the OP also: Make a Webservice or a
WindowsService and then configure it, to use an account with the
aproppriate permissions.
BTW How does the Service Console store credentials?
Christof
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c omschrieb
im Newsbeitrag news:35******** *************** ***********@mic rosoft.com...
Right, but those programs are running under a set of user credentials,
the credentials are not embedded anywhere in those apps. This user is
suggesting embedding the credentials in his application somehow.
I suppose he only wants a the programm to use credentials, not given to him
by the user.
Surely someone has to provide the credentials, (or the programm has to be
the system itself). ;-)
But this could be done by an administrator e.g. while installation, or it
could be done "by the programmer", so that the credentials are really stored
inside the app (in its binaries). The last surely is best practice, as the
OP itself says.
Christof
Hi,
I would agree with Nich. It's a bad idea!
But, I my self had to use crypto providers to store SQL server
credentials (I used ProtectSection of configuration manager) in cases
Windows NT authentication can't be used.
Anyhow, I think it's a bad idea and if you can, don't do it! =)
Moty
Hi Adam,
How about this issue now? Do all the replies make sense to you? If you
still need any help or have any concern, please feel free to feedback,
thanks.
Best regards,
Jeffrey Tan
Microsoft Online Community Support
=============== =============== =============== =====
Get notification to my posts through email? Please refer to http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at http://msdn.microsoft.com/subscripti...t/default.aspx.
=============== =============== =============== =====
This posting is provided "AS IS" with no warranties, and confers no rights. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Angelo Vargheese |
last post by:
Hi,
I am trying to retrieve XML created by ASP pages on different servers
and display them on a single ASP.Net page.
I was planning to use the XMLDocument and XMLResolver objects like
below:
xmlResolver.Credentials = CredentialCache.DefaultCredentials
xmlDoc = New XmlDocument
xmlDoc.XmlResolver = xmlResolver
|
by: Grind Boy |
last post by:
Hi,
I'm writing this off the top of my head as I don't have the exact
information to hand.
We are attempting to set up a secure internet site using ASP.NET on IIS5.
We are having some authentication problems early on in the project. The
plan is to have 1 ASP.NET (IIS) forms application serving user requests
and another ASP.NET (IIS) webservice interfacing to the database.
|
by: Chris L |
last post by:
Hello,
I'm hoping to find out if it is possible to connect
within an ASP.NET application to Active Directory with
the credentials of the person who accessed the ASP.NET
application via IIS, using windows integrated
authentication.
I've tried using ADO, ADSI, and Directory Services, but I
have yet to find a way to connect to active directory
|
by: elora_c |
last post by:
I'm making a call to a webservice from my ASP.NET page. The web
application has anonymous access turned off and Integrated Windows auth
turned on. The web.config has <identity impersonate=true>. I set the
credentials of the web service proxy to the DefaultCredentials. Right
before I make the call, I print out the WindowsIdentity, and it is
showing the right identity. So I know the web application is
authenticating properly. However,...
|
by: Wild Wind |
last post by:
Hello,
I have an application which calls a web service across the
Internet from a client machine.
The site that I have deployed the application to is such that
to browse the Internet using a web browser, a person needs to
do the following:
(a) ensure that a proxy server address is specified;
| | |
by: Gerhard |
last post by:
I have an application that needs to be able to upload documents that can
latter be accessed and opened by a hyperlink. I can do this easliy if I
store the files in a subdirectory in the application, but we will be using
multiple web servers, so the files need to be stored on a common file server.
Saving them is easy enough, but how do I point a hyperlink at a file on a
file server that is different from the web server?
Could you please...
|
by: Christof Nordiek |
last post by:
I'm writing a windows service wich shall be able to access certain resources
(files etc). So accessrights will have to be configurable by a local
administrator.
One option is to use the account under wich the service runs wich can be set
while installation or in the services window.
Another option i'm looking for will be to enter the credentials in an
administration form and then use impersonation or something. Is this
feasable? How...
|
by: Mythran |
last post by:
We followed an example found on MSDN to create an encrypted
FormsAuthenticationTicket and storing the ticket in a cookie. Is this the
"correct" way to store the authentication ticket? We are attempting to
create a web service from the web application and our goal is to have the
user login to the web application and then, using the same credentials
and/or authentication objects, access the web services to retrieve our data
from other...
|
by: Wimpie van Lingen |
last post by:
Hey
I have some more questions with regards to Remoting in .NET 2. I'm using TCP with the Binary formatter.
My solution consists of 4 projects:
- Class Library containing the server classes which Inherits MarshalByRefObject (ok, at this stage it only contains one class... but its gonna grow)
- Class Library containing common classes and interfaces that will be shared between all projects. This include interfaces for the server...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
