如何添加连接字符串作为受保护的部分? [英] How do I add a connection string as a protected section?
问题描述
我需要部署一个读取客户数据库的解决方案.我想保护连接字符串以保护密码.关于如何实现此目标的所有建议至少都已使用3年,有的建议已使用10年.我遇到了一些错误,例如"This 操作在运行时不适用",必须先将配置节添加到配置层次结构才能保护它"和不能添加具有相同名称的ConfigurationSection".
I need to deploy a solution that reads customer databases. I would like to secure the connection string to protect the password. All suggestions are at least 3 years old, some are 10 years old, on how to accomplish this. I have hit some errors, such as "This operation does not apply at runtime", "The configuration section must be added to a configuration hierarchy before you can protect it", and "Cannot add a ConfigurationSection with the same name that already exists".
第一个错误提示我创建一个外部控制台应用程序来调整原始应用程序的配置文件.第二个让我觉得代码顺序错误.最终的错误令人难以置信,因为原始应用程序的 配置不包含连接字符串.以下是原始应用程序的配置文件.
The first error prompted me to create an external console application to adjust the configuration file of the original application. The second one made me think the code was in the wrong order. The final error is incredibly frustrating, as the original application's configuration does not contain the connection string. Below is the original application's configuration file.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
</startup>
</configuration>下面是控制台应用程序中试图添加安全连接字符串的代码.
Below is the code from the console application that is attempting to add a secure connection string.
try {
Uri UriAssemblyFolder = new Uri(System.IO.Path.GetDirectoryName(Assembly.GetExecutingAssembly().GetName().CodeBase));
string appPath = UriAssemblyFolder.LocalPath;
Configuration config = ConfigurationManager.OpenExeConfiguration(appPath + @"\MyApplication.exe");
ConnectionStringsSection section = new ConnectionStringsSection();
section.ConnectionStrings.Add(new ConnectionStringSettings("LocalDB", @"Data Source=localhost;Initial Catalog=master;Persist Security Info=False;User ID=sa;Password=the_password;"));
section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
config.Sections.Add("connectionStrings", section);
config.Save();
}
catch (Exception ex) {
printException(ex);
}您可以假定控制台应用程序与原始应用程序在同一文件夹中运行.要生成第二个错误,可以用section.SectionInformation.ProtectSection切换section.ConnectionStrings.Add.
You can assume the console application is running in the same folder as the original application. To generate the second error, you can switch section.ConnectionStrings.Add with section.SectionInformation.ProtectSection.
我需要添加一个在编译后定义的受保护的连接字符串.如果这不可能,我还有其他选择吗?将连接字符串文件放在只有原始应用程序才能访问的文件夹中?
I need to add a protected connection string that is defined after compilation. If this is impossible, do I have any alternatives? Placing a connection string file in a folder that only the original application can access?
推荐答案
你好
为什么要让客户端保留密码?
Why do you want the Client side to retain the password?
拥有客户端密码会不会更安全
Would it not be more secure to have the Client password
已加密并存储在服务器上?身份验证
encrypted and stored at the Server? As Authentication
应该处理服务器端而不是客户端吗?如果是服务器
should be handle Server side not Client? If the Server
跟踪每个用户的登录ID/PSW,IP以及GUID
tracks login ID/PSW, IP and coupled with a GUID for each
客户端,则信息比本地信息更安全
Client then the information is more secure, than Local
存储,还是这种方法会导致问题?
storage, or does this method cause a problem?
希望有帮助:)
Hope this Helps :)
这篇关于如何添加连接字符串作为受保护的部分?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
