 |
Languages »
C# »
General
Advanced
License: The Code Project Open License (CPOL)
Encrypt and Decrypt ConnectionString in app.config and/or web.config!By Dariush TasdighiEncrypt and Decrypt ConnectionString in app.config and/or web.config! |
C# 2.0, Windows, .NET 2.0VS2005, Dev
|
|
Advanced Search Add to IE Search |
|
|
|
||||||||||||||||
In Windows/Web based applications, it's not rational for you to put your ConnectionString in the native/normal format! This is because anybody can see your userID/username and password!.
In this article, I want to teach you how to encrypt ConnectionString and decrypt it as you wish.
This feature was born in .NET Framework 2.0 (Visual Studio 2005).
First of all, we suggest you to create a static class with the name Utilities and put the below functions in it. After all, you can call just two functions for encryption and decryption of your connection string.
namespace DT.Security
{
public static class Utilities
{
public static void ProtectConnectionString()
{
ToggleConnectionStringProtection
(System.Windows.Forms.Application.ExecutablePath, true);
}
public static void UnprotectConnectionString()
{
ToggleConnectionStringProtection
(System.Windows.Forms.Application.ExecutablePath, false);
}
private static void ToggleConnectionStringProtection
(string pathName, bool protect)
{
// Define the Dpapi provider name.
string strProvider = "DataProtectionConfigurationProvider";
// string strProvider = "RSAProtectedConfigurationProvider";
System.Configuration.Configuration oConfiguration = null;
System.Configuration.ConnectionStringsSection oSection = null;
try
{
// Open the configuration file and retrieve
// the connectionStrings section.
// For Web!
// oConfiguration = System.Web.Configuration.
// WebConfigurationManager.OpenWebConfiguration("~");
// For Windows!
// Takes the executable file name without the config extension.
oConfiguration = System.Configuration.ConfigurationManager.
OpenExeConfiguration(pathName);
if (oConfiguration != null)
{
bool blnChanged = false;
oSection = oConfiguration.GetSection("connectionStrings") as
System.Configuration.ConnectionStringsSection;
if (oSection != null)
{
if ((!(oSection.ElementInformation.IsLocked)) &&
(!(oSection.SectionInformation.IsLocked)))
{
if (protect)
{
if (!(oSection.SectionInformation.IsProtected))
{
blnChanged = true;
// Encrypt the section.
oSection.SectionInformation.ProtectSection
(strProvider);
}
}
else
{
if (oSection.SectionInformation.IsProtected)
{
blnChanged = true;
// Remove encryption.
oSection.SectionInformation.UnprotectSection();
}
}
}
if (blnChanged)
{
// Indicates whether the associated configuration section
// will be saved even if it has not been modified.
oSection.SectionInformation.ForceSave = true;
// Save the current configuration.
oConfiguration.Save();
}
}
}
}
catch (System.Exception ex)
{
throw (ex);
}
finally
{
}
}
}
}
After I learned this feature, I used it in all of my Windows/Web based applications!
| You must Sign In to use this message board. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General 
News 
Question 
Answer 
Joke 
Rant 
Admin
|
PermaLink |
Privacy |
Terms of Use
Last Updated: 8 Sep 2007 Editor: Deeksha Shenoy |
Copyright 2007 by Dariush Tasdighi Everything else Copyright © CodeProject, 1999-2009 Web17 | Advertise on the Code Project |
