凭据存储最佳实践 [英] Credential storage best practices
问题描述
我正在写一个Windows服务,并需要进行身份验证的Web请求。该服务将不会用来做请求的凭据的所有权下运行;这意味着我需要存储的凭据以某种方式的要求。
I'm writing a Windows service and need to make authenticated web requests. The service will not be running under the ownership of the credentials used to make the request; this implies that I need to store the credentials for the request in some way.
什么是这里的最佳做法?凭证将需要被存储在App.config中(或类似物);我宁愿没有密码以明文形式挂出。作为密码经常更改,建筑物或在密码二进制否则烘烤是不是一种选择。
What are the best practices here? The credentials will need to be stored in App.config (or an analog); I'd rather not have the password hanging out in plain text. As passwords change frequently, building or otherwise baking in the password to the binary is not an option.
同样的问题适用于PowerShell的。我需要做认证的请求,但我不希望脚本纯文本包含形式用于请求的凭据。
The same question applies for Powershell. I need to make authenticated requests, but I don't want the script to contain in a plain-text form the credentials used for the requests.
推荐答案
不能把答案信贷。但这里有一个叫做列入加密在.NET应用程序配置密码有了完整的代码的博客文章
Can't take the credit for the answer: But here's a blog post called "Encrypting Passwords in .NET App Config" With full code included.
HTTP://博客。 asp.net/jgalloway/archive/2008/04/13/encrypting-passwords-in-a-net-app-config-file.aspx
这篇关于凭据存储最佳实践的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
