读取受保护的配置节时的ConfigurationErrorException [英] ConfigurationErrorException when reading protected config section
本文介绍了读取受保护的配置节时的ConfigurationErrorException的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我已经创建了一个自定义配置部分(自然地)从
System.Configuration.ConfigurationSection继承。配置部分是
工作99%罚款,但每当我执行以下操作时,我会遇到ConfigurationErrorException
:
1.使用
System.Configuration.Configuration.Save()修改并保存代码中的部分。
2.使用ConfigurationManager刷新部分.RefreshSection
3.加密部分,强制保存并保存。刷新部分使用
ConfigurationManager.RefreshSection
4.尝试通过配置文件加载部分
ConfigurationManager.GetSection - 抛出异常到期到存在的
configProtectionProvider属性。
如果我保存该部分然后重启我的应用程序,一切正常
hunky dory ...如果我在加密/解密后没有重新启动应用程序,
但是,下次我尝试阅读该部分时,所有内容都会松开。
怎么了?我以为调用ConfiguratoinManager.RefreshSection会这样做诀窍(它在我加密/解密connectionStrings
部分后就可以了。)
提前致谢。
- ryan。
I''ve created a custom configuration section that inherits (naturally) from
System.Configuration.ConfigurationSection. The configuration section is
working 99% fine, however I keep coming across a ConfigurationErrorException
whenever I do the following:
1. Modify and save the section in code using the
System.Configuration.Configuration.Save().
2. Refresh teh section using ConfigurationManager.RefreshSection
3. Encrypt the section, force save and save. Refresh the section using
ConfigurationManager.RefreshSection
4. Attempt to load the section from the configuration file via
ConfigurationManager.GetSection - throws exception due to the
configProtectionProvider attribute being present.
If I save the section and then restart my application, everything works
hunky dory... if I don''t restart the app after encrypting/decrypting,
however, all heck breaks loose next time I try and read the section.
What''s wrong? I thought calling ConfiguratoinManager.RefreshSection would
do the trick (it does the trick after I encrypt/decrypt the connectionStrings
section).
Thanks in advance.
- ryan.
推荐答案
抱歉 - RefreshSection是*不*为我的连接字符串工作。所以我是
加密部分,刷新它们,但后来无法读取它们。
Ryan写道:
Sorry - RefreshSection is *not* working for my connection strings. So I''m
encrypting sections, refreshing them, but then cannot read from them.
"Ryan" wrote:
我创建了一个自定义配置部分(自然地)从
System.Configuration.ConfigurationSection继承。配置部分是
工作99%罚款,但每当我执行以下操作时,我会遇到ConfigurationErrorException
:
1.使用
System.Configuration.Configuration.Save()修改并保存代码中的部分。
2.使用ConfigurationManager刷新部分.RefreshSection
3.加密部分,强制保存并保存。刷新部分使用
ConfigurationManager.RefreshSection
4.尝试通过配置文件加载部分
ConfigurationManager.GetSection - 抛出异常到期到存在的
configProtectionProvider属性。
如果我保存该部分然后重启我的应用程序,一切正常
hunky dory ...如果我在加密/解密后没有重新启动应用程序,
但是,下次我尝试阅读该部分时,所有内容都会松开。
怎么了?我以为调用ConfiguratoinManager.RefreshSection会这样做诀窍(它在我加密/解密connectionStrings
部分后就可以了。)
提前致谢。
- ryan。
I''ve created a custom configuration section that inherits (naturally) from
System.Configuration.ConfigurationSection. The configuration section is
working 99% fine, however I keep coming across a ConfigurationErrorException
whenever I do the following:
1. Modify and save the section in code using the
System.Configuration.Configuration.Save().
2. Refresh teh section using ConfigurationManager.RefreshSection
3. Encrypt the section, force save and save. Refresh the section using
ConfigurationManager.RefreshSection
4. Attempt to load the section from the configuration file via
ConfigurationManager.GetSection - throws exception due to the
configProtectionProvider attribute being present.
If I save the section and then restart my application, everything works
hunky dory... if I don''t restart the app after encrypting/decrypting,
however, all heck breaks loose next time I try and read the section.
What''s wrong? I thought calling ConfiguratoinManager.RefreshSection would
do the trick (it does the trick after I encrypt/decrypt the connectionStrings
section).
Thanks in advance.
- ryan.
Hello Ryan,
至于.net 2.0配置加密和部分刷新问题
你提到过,我刚刚根据你的描述进行了一些测试
在我的本地环境中。这是我的测试结果和一些建议
这个:
1.当执行配置部分保护时,我们可以选择哪个
$ b要使用的$ b提供商,有两个内置提供商(DPAPI提供商和RSA
提供商)。基于我的测试,问题(ConfigurationErrorException将在我们使用DPAPI提供程序时发生
,但在使用RSA提供程序时不会发生)。
2.我们有修改了配置(其中的任何部分)并保存
到文件并刷新某些部分,我们可以使用原始的
配置对象再次查询部分数据或构造一个新的
配置对象(通过ConfigurationManager.OpenExeConfiguration)。
我发现当我们使用原始的
配置时会发生异常对象,但是如果我们重新构建/重新加载一个新的配置对象(来自exe配置文件),则不会发生。
因此,我认为问题的原因就是当使用DPAPI
提供程序时,刷新某个部分之后,旧的配置对象
会丢失相关的加密信息(因为信息首先是
在我们保护该部分之后构建n)并从文件中导致顺序
加载....(它不知道该部分是
受保护...)。 />
如果您正在使用DPAPI提供程序(DataProtectionConfigurationProvider),
您可以考虑重新加载新配置对象而不是使用
原始版本。这是一个可行的示例控制台应用程序(不确定
您是否更喜欢VB.NET或C#,如果您更喜欢VBNET请告诉我
一个):
=======================================
命名空间EncryptSectionConsole
{
class program
{
static void Main(string [] args)
{
运行();
}
static void运行()
{
Console.WriteLine(按任意键转储
connectionstrings ...);
Console.ReadLine();
DumpConnectionStrings();
Console.WriteLine("按任意键加密
connectionstrings ...");
Console.ReadLine();
EncryptConnectionStrings();
Console.WriteLine(按任意键转储
connectionstrings ...");
Console.ReadLine();
NewDumpConnectionStrings();
//将导致异常
// DumpConnectionStrings();
}
static void DumpConnectionStrings( )
{
foreach(ConnectionStringSettings connstr in
ConfigurationManager.ConnectionStrings)
{
Console.WriteLine(" name:{0},connstring:{1}",
connstr.Name,connstr.ConnectionString);
}
}
static void NewDumpConnectionStrings()
{
配置配置=
ConfigurationManager.OpenExeConfiguration(Configur ationUserLevel.None);
foreach(ConnectionStringSettings connstr in
config.ConnectionStrings.ConnectionStrings)
{
Console.WriteLine(" name:{0},connstring:{1}",
connstr.Name,connstr.ConnectionString);
}
}
static void EncryptConnectionStrings()
{
配置config =
C. onfigurationManager.OpenExeConfiguration(Configur ationUserLevel.None);
config.ConnectionStrings.SectionInformation.ForceS ave = true;
config.ConnectionStrings.SectionInformation .Protec tSection(DataProtectionCo
nfigurationProvider);
config.Save(ConfigurationSaveMode.Modified);
控制台。 WriteLine(按任意键刷新部分....);
Console.ReadLine();
config.ConnectionStrings.SectionInformation .ForceS ave = true;
config.ConnectionStrings.ConnectionStrings.Add(new
ConnectionStringSettings(" new connstr"," new value"));
config.Save(ConfigurationSaveMode.Modified);
ConfigurationManager.RefreshSection(" connectionStr ings");
}
}
}
======================== ========
希望这会有所帮助。
此致,
Steven Cheng
Microsoft MSDN在线支持主管
======= ===========================================
通过电子邮件收到我的帖子通知?请参阅
http://msdn.microsoft .com / subscripti ... ult.aspx#notif
ications。
注意:MSDN托管新闻组支持服务是针对非紧急问题
如果社区或微软支持人员在1个工作日内做出初步回复是可以接受的。请注意,每个跟随
的响应可能需要大约2个工作日作为支持
专业人士与您合作可能需要进一步调查才能达到
最有效的分辨率。该产品不适用于需要紧急,实时或基于电话的交互或复杂的b $ b项目分析和转储分析问题的情况。这种性质的问题最好通过联系
Microsoft客户支持服务(CSS)处理
href =http://msdn.microsoft.com/subscriptions/support/default.aspx\"target =_ blank> http://msdn.microsoft.com/subscripti...t/default.aspx 。
==================================== ==============
此帖子按原样提供。没有保证,也没有赋予任何权利。
Hello Ryan,
As for the .net 2.0 configuration encryption and section refresh problem
you mentioned, I''ve just performed some tests according to your description
in my local environment. Here is my test results and some suggestion on
this:
1. When perform the configuration section protection, we can choose which
provider to use, there''re two built-in providers(DPAPI provider and RSA
provider). Based on my test, the problem (ConfigurationErrorException will
occur when we use DPAPI provider , but not when using RSA provider).
2. After we have modified the configuration(any sections in it) and save it
to file and refresh the certain sections, we can use the original
configuration object to query the section data again or construcut a new
configuration object(through ConfigurationManager.OpenExeConfiguration ).
And I found that the exception will occur when we use the original
configuration object , but not occur if we reconstruct/reload a new
configuration object(from exe config file).
Therefore, I think the cause of the problem is that when using DPAPI
provider, after refresh the certain Section, the old configuration object
lose the related encryption information(since the informations first
constructed after we protect that section) and result the sequential
loading from the file failes....(it dosn''t know that the section is
protected...).
If you''re using the DPAPI provider("DataProtectionConfigurationProvider"),
you can consider reload a new configuration object instead of using the
original one. Here is a workable sample console application(not sure
whether you prefer VB.NET or C#, please let me know if you prefer VBNET
one):
=======================================
namespace EncryptSectionConsole
{
class Program
{
static void Main(string[] args)
{
Run();
}
static void Run()
{
Console.WriteLine("press any key to dump the
connectionstrings...");
Console.ReadLine();
DumpConnectionStrings();
Console.WriteLine("press any key to encrypt the
connectionstrings...");
Console.ReadLine();
EncryptConnectionStrings();
Console.WriteLine("press any key to dump the
connectionstrings...");
Console.ReadLine();
NewDumpConnectionStrings();
//will result exception
//DumpConnectionStrings();
}
static void DumpConnectionStrings()
{
foreach(ConnectionStringSettings connstr in
ConfigurationManager.ConnectionStrings)
{
Console.WriteLine("name: {0}, connstring: {1}",
connstr.Name, connstr.ConnectionString);
}
}
static void NewDumpConnectionStrings()
{
Configuration config =
ConfigurationManager.OpenExeConfiguration(Configur ationUserLevel.None);
foreach (ConnectionStringSettings connstr in
config.ConnectionStrings.ConnectionStrings)
{
Console.WriteLine("name: {0}, connstring: {1}",
connstr.Name, connstr.ConnectionString);
}
}
static void EncryptConnectionStrings()
{
Configuration config =
ConfigurationManager.OpenExeConfiguration(Configur ationUserLevel.None);
config.ConnectionStrings.SectionInformation.ForceS ave= true;
config.ConnectionStrings.SectionInformation.Protec tSection("DataProtectionCo
nfigurationProvider");
config.Save(ConfigurationSaveMode.Modified);
Console.WriteLine("press any key to refresh the section....");
Console.ReadLine();
config.ConnectionStrings.SectionInformation.ForceS ave = true;
config.ConnectionStrings.ConnectionStrings.Add(new
ConnectionStringSettings("new connstr", "new value"));
config.Save(ConfigurationSaveMode.Modified);
ConfigurationManager.RefreshSection("connectionStr ings");
}
}
}
================================
Hope this helps.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
嗨史蒂文,
谢谢答复。我发现无论我选择哪种加密方法(dpapi或rsa),都会发生这种情况。在新配置中加载
非常糟糕。对我来说,这似乎是一种解决方法。
ConfigurationManager应该知道在我调用RefreshSection后要做什么,并且
我不必从磁盘中明确读取。当我们开始考虑缓存时,这变得更加重要。
例如 - 在我们的情况下,我有一个访问
使用ConfigurationManager.GetSection的连接字符串信息。但是,我的
应用程序使用低级库,在运行时加密
连接字符串部分。这意味着,为了使低级别的b $ b级库始终正常运行,它必须始终从磁盘读取
ConfigurationManager.GetSection - 无论该部分是否刷新。
这不是ConfigurationManager中的错误吗?
" ; Steven Cheng [MSFT]"写道:
Hi Steven,
Thanks for the reply. I''m finding this is occuring regardless of which
encryption method I chose (dpapi or rsa). It''s really too bad that I have to
load in a new config. To me that seems like a workaround. The
ConfigurationManager should know what to do after I call RefreshSection, and
I shouldn''t have to explicitly read from the disk. This becomes even more
important when we start thinking of caching.
For example - in our situation, I have a low-level library that access
connection string information using ConfigurationManager.GetSection. My
application that utilizes the low-level library, however, encrypts the
connection strings section at runtime. This means that, in order for the low
level library to always function correctly, it must always read from disk
rather than the once-only cached version returned by
ConfigurationManager.GetSection - regardless if the section was refreshed.
Is this not a bug in ConfigurationManager?
"Steven Cheng[MSFT]" wrote:
Hello Ryan,
你提到过,我刚刚根据你的描述进行了一些测试
在我当地的环境中。这是我的测试结果和一些建议
这个:
1.当执行配置部分保护时,我们可以选择哪个
$ b要使用的$ b提供商,有两个内置提供商(DPAPI提供商和RSA
提供商)。基于我的测试,问题(ConfigurationErrorException将在我们使用DPAPI提供程序时发生
,但在使用RSA提供程序时不会发生)。
2.我们有修改了配置(其中的任何部分)并保存
到文件并刷新某些部分,我们可以使用原始的
配置对象再次查询部分数据或构造一个新的
配置对象(通过ConfigurationManager.OpenExeConfiguration)。
我发现当我们使用原始的
配置时会发生异常对象,但是如果我们重新构建/重新加载一个新的配置对象(来自exe配置文件),则不会发生。
因此,我认为问题的原因就是当使用DPAPI
提供程序时,刷新某个部分之后,旧的配置对象
会丢失相关的加密信息(因为信息首先是
在我们保护该部分之后构建)并导致从文件中加载的顺序
....(它不知道该部分是
受保护......)。
如果您正在使用DPAPI提供程序(DataProtectionConfigurationProvider),
您可以考虑重新加载新配置对象而不是使用
原件。这是一个可行的示例控制台应用程序(不确定
您是否更喜欢VB.NET或C#,如果您更喜欢VBNET请告诉我
一个):
=======================================
命名空间EncryptSectionConsole
{
class program
{
static void Main(string [] args)
{
Run();
}
static void Run()< br $>
{
Console.WriteLine(按任意键转储
connectionstrings ...);
Console.ReadLine();
DumpConnectionStrings();
Console.WriteLine("按任意键加密
connectionstrings ...");
Console.ReadLine();
EncryptConnectionStrings();
Console.WriteLine("按一个y键转储
connectionstrings ...");
Console.ReadLine();
NewDumpConnectionStrings() ;
//将导致异常
// DumpConnectionStrings();
}
static void DumpConnectionStrings()
{
foreach(ConnectionStringSettings connstr in
ConfigurationManager.ConnectionStrings)
{
Console.WriteLine(" name:{0},connstring:{1}",
connstr.Name,connstr.ConnectionString);
}
}
static void NewDumpConnectionStrings()
{
配置config =
ConfigurationManager.OpenExeConfiguration(Configur ationUserLevel.None);
foreach(ConnectionStringSettings connstr in
co nfig.ConnectionStrings.ConnectionStrings)
{
Console.WriteLine(" name:{0},connstring:{1}",
connstr.Name,connstr.ConnectionString);
}
}
static void EncryptConnectionStrings()
{
配置config =
ConfigurationManager.OpenExeConfiguration(Configur ationUserLevel.None);
config.ConnectionStrings.SectionInformation .ForceS ave = true;
config.ConnectionStrings.SectionInformation.Protec tSection(" DataProtectionCo
nfigurationProvider");
config.Save(ConfigurationSaveMode.Modified);
Console.WriteLine(按任意键刷新部分......);
Console.ReadLine();
config.ConnectionStrings.SectionInformation.ForceS av e = true;
config.ConnectionStrings.ConnectionStrings.Add(new
ConnectionStringSettings(" new connstr"," new value"));
config.Save(ConfigurationSaveMode.Modified);
ConfigurationManager.RefreshSection(" connectionStr ings");
}
}
}
============== ==================
希望这会有所帮助。
此致,
Steven Cheng
Microsoft MSDN在线支持主管
========= =========================================
通过电子邮件收到我的帖子通知?请参阅
http://msdn.microsoft .com / subscripti ... ult.aspx#notif
ications。
注意:MSDN托管新闻组支持服务是针对非紧急问题
如果社区或微软支持人员在1个工作日内做出初步回复是可以接受的。请注意,每个跟随
的响应可能需要大约2个工作日作为支持
专业人士与您合作可能需要进一步调查才能达到
最有效的分辨率。该产品不适用于需要紧急,实时或基于电话的交互或复杂的b $ b项目分析和转储分析问题的情况。这种性质的问题最好通过联系
Microsoft客户支持服务(CSS)处理
href =http://msdn.microsoft.com/subscriptions/support/default.aspx\"target =_ blank> http://msdn.microsoft.com/subscripti...t/default.aspx 。
==================================== ==============
此帖子按原样提供。没有保证,也没有授予任何权利。
Hello Ryan,
As for the .net 2.0 configuration encryption and section refresh problem
you mentioned, I''ve just performed some tests according to your description
in my local environment. Here is my test results and some suggestion on
this:
1. When perform the configuration section protection, we can choose which
provider to use, there''re two built-in providers(DPAPI provider and RSA
provider). Based on my test, the problem (ConfigurationErrorException will
occur when we use DPAPI provider , but not when using RSA provider).
2. After we have modified the configuration(any sections in it) and save it
to file and refresh the certain sections, we can use the original
configuration object to query the section data again or construcut a new
configuration object(through ConfigurationManager.OpenExeConfiguration ).
And I found that the exception will occur when we use the original
configuration object , but not occur if we reconstruct/reload a new
configuration object(from exe config file).
Therefore, I think the cause of the problem is that when using DPAPI
provider, after refresh the certain Section, the old configuration object
lose the related encryption information(since the informations first
constructed after we protect that section) and result the sequential
loading from the file failes....(it dosn''t know that the section is
protected...).
If you''re using the DPAPI provider("DataProtectionConfigurationProvider"),
you can consider reload a new configuration object instead of using the
original one. Here is a workable sample console application(not sure
whether you prefer VB.NET or C#, please let me know if you prefer VBNET
one):
=======================================
namespace EncryptSectionConsole
{
class Program
{
static void Main(string[] args)
{
Run();
}
static void Run()
{
Console.WriteLine("press any key to dump the
connectionstrings...");
Console.ReadLine();
DumpConnectionStrings();
Console.WriteLine("press any key to encrypt the
connectionstrings...");
Console.ReadLine();
EncryptConnectionStrings();
Console.WriteLine("press any key to dump the
connectionstrings...");
Console.ReadLine();
NewDumpConnectionStrings();
//will result exception
//DumpConnectionStrings();
}
static void DumpConnectionStrings()
{
foreach(ConnectionStringSettings connstr in
ConfigurationManager.ConnectionStrings)
{
Console.WriteLine("name: {0}, connstring: {1}",
connstr.Name, connstr.ConnectionString);
}
}
static void NewDumpConnectionStrings()
{
Configuration config =
ConfigurationManager.OpenExeConfiguration(Configur ationUserLevel.None);
foreach (ConnectionStringSettings connstr in
config.ConnectionStrings.ConnectionStrings)
{
Console.WriteLine("name: {0}, connstring: {1}",
connstr.Name, connstr.ConnectionString);
}
}
static void EncryptConnectionStrings()
{
Configuration config =
ConfigurationManager.OpenExeConfiguration(Configur ationUserLevel.None);
config.ConnectionStrings.SectionInformation.ForceS ave= true;
config.ConnectionStrings.SectionInformation.Protec tSection("DataProtectionCo
nfigurationProvider");
config.Save(ConfigurationSaveMode.Modified);
Console.WriteLine("press any key to refresh the section....");
Console.ReadLine();
config.ConnectionStrings.SectionInformation.ForceS ave = true;
config.ConnectionStrings.ConnectionStrings.Add(new
ConnectionStringSettings("new connstr", "new value"));
config.Save(ConfigurationSaveMode.Modified);
ConfigurationManager.RefreshSection("connectionStr ings");
}
}
}
================================
Hope this helps.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
这篇关于读取受保护的配置节时的ConfigurationErrorException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
