bduhaish
asked on
Securing connection strings and Encrypting
hi experts,
i was searching for a way to Encrypting the Connection String in the web.config file using .net and i found this article at
http://www.codersource.net/asp_net_security_connection_string.aspx
i did every thing was written but i get this error saying
---- Format of the initialization string does not conform to specification starting at index 0 ------
here are the steps i did:
1- i got the encrypted connection string
2- i paste it in the web.config file ----
<appSettings>
<add key="ConnectionString"
value="c2VydmVyPXNydi1yeTt 1aWQ9c2E7c HdkPTk4Nzt kYXRhYmFzZ T1wdWJz"/>
</appSettings>
3- also i was able to decrypt the connection string again
4- in the page load for example that i want to display
i did the flowing steps:
-------------------------- ---------- ----
Private Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles MyBase.Load
If Not Page.IsPostBack Then
Dim ConStr As SqlConnection
ConStr = DoCon()
'Dim myConnection As New SqlConnection(Configuratio nSettings. AppSetting s("Connect ionString" ))
Dim MySQL As String = "Select Top 10 au_id, au_fname + ' ' + au_lname " & _
"as FullName from Authors"
Dim ds As DataSet = New DataSet
Dim Cmd As New SqlDataAdapter(MySQL, ConStr)
Cmd.Fill(ds, "PBAuthors")
dgPublishers.DataSource = ds.Tables("PBAuthors").Def aultView
dgPublishers.DataBind()
End If
End Sub
Function DoCon() As SqlConnection
Dim ConnectionStr As New SqlConnection(Configuratio nSettings. AppSetting s().Item(" Connection String"))
Return (ConnectionStr)
End Function
-------------------------- ---------- ---------- ---------- --
That's all, any suggestion please.........
i was searching for a way to Encrypting the Connection String in the web.config file using .net and i found this article at
http://www.codersource.net/asp_net_security_connection_string.aspx
i did every thing was written but i get this error saying
---- Format of the initialization string does not conform to specification starting at index 0 ------
here are the steps i did:
1- i got the encrypted connection string
2- i paste it in the web.config file ----
<appSettings>
<add key="ConnectionString"
value="c2VydmVyPXNydi1yeTt
</appSettings>
3- also i was able to decrypt the connection string again
4- in the page load for example that i want to display
i did the flowing steps:
--------------------------
Private Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles MyBase.Load
If Not Page.IsPostBack Then
Dim ConStr As SqlConnection
ConStr = DoCon()
'Dim myConnection As New SqlConnection(Configuratio
Dim MySQL As String = "Select Top 10 au_id, au_fname + ' ' + au_lname " & _
"as FullName from Authors"
Dim ds As DataSet = New DataSet
Dim Cmd As New SqlDataAdapter(MySQL, ConStr)
Cmd.Fill(ds, "PBAuthors")
dgPublishers.DataSource = ds.Tables("PBAuthors").Def
dgPublishers.DataBind()
End If
End Sub
Function DoCon() As SqlConnection
Dim ConnectionStr As New SqlConnection(Configuratio
Return (ConnectionStr)
End Function
--------------------------
That's all, any suggestion please.........
ASKER
appari ,did you test it !!!!
because the same problem exists
---- Format of the initialization string does not conform to specification starting at index 0. ----
because the same problem exists
---- Format of the initialization string does not conform to specification starting at index 0. ----
ASKER
any help please....
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
no proplem working fin 100%
thanks
thanks
ASKER
Oh
appari , one thing else.
Is it right if put the Decrypt Connection String Function in a global file rather than writing it in each asp.vb file, if yes
You may answer these couple of questions:
1 - Under which sub should I put this Decrypt Connection String in the global file
2- If it was under the (Application_Start) or (Session_Start) should i do something to end because i triad couple of things wrong
3- Should i pass some global variable in aspx.vb pages because in the (DoCon) function we change ConfigurationSettings.AppS ettings to DecryptConnectionString and this DecryptConnectionString is not declared in this case.
So what do your suggest?
appari , one thing else.
Is it right if put the Decrypt Connection String Function in a global file rather than writing it in each asp.vb file, if yes
You may answer these couple of questions:
1 - Under which sub should I put this Decrypt Connection String in the global file
2- If it was under the (Application_Start) or (Session_Start) should i do something to end because i triad couple of things wrong
3- Should i pass some global variable in aspx.vb pages because in the (DoCon) function we change ConfigurationSettings.AppS
So what do your suggest?
ASKER
hi,
should i open a new session ????
should i open a new session ????
change your code like this
add the following function to your code
Private Function DecryptConnectionString() As String
Dim b() As Byte = Convert.FromBase64String(C
Dim decryptedConnectionString As String = System.Text.ASCIIEncoding.
Return decryptedConnectionString
End Function
no change your doCon function as follows
Function DoCon() As SqlConnection
Dim ConnectionStr As New SqlConnection(DecryptConne
Return (ConnectionStr)
End Function