Tuesday, January 13, 2009

Encrypting Web.config

RSAProtectedConfigurationProvider.
This is the default provider and uses the RSA public key encryption to encrypt and decrypt data.

DataProtectionConfigurationProvider.
This provider uses DPAPI to encrypt and decrypt data.

Configuration config = ConfigurationManager.OpenExeConfiguration("");
ConfigurationSection configSection = config.GetSection("connectionStrings");
if (flag)
configSection.SectionInformation.
ProtectSection("DataProtectionConfigurationProvider");

else
configSection.SectionInformation.UnprotectSection();
config.Save();

private Configuration GetMappedExeConfigurationSections()
{
ExeConfigurationFileMap fileMap = new ExeConfigurationFileMap();
fileMap.ExeConfigFilename =Server.MapPath("~/web.config");
Configuration config = ConfigurationManager.OpenMappedExeConfiguration
(fileMap,
ConfigurationUserLevel.None);
return config;
}

0 comments:

Post a Comment