Solved

hide or encrypt connection string in asp.net applicaiton

Posted on 2009-05-15
3
294 Views
Last Modified: 2012-05-07
Hi expert, please help.
    I have try using code as follow, it encrypt well in my laptop, but after i upload to shard hosting envelopment. encrypt fail shown as follow.

System.Configuration.ConfigurationErrorsException: An error occurred loading a configuration file: Access to the path 'C:\Domains\domainname.com.my\httpdocs\8kgs3u4_.tmp' is denied. (C:\Domains\domainname.com.my\httpdocs\web.config) ---> System.UnauthorizedAccessException: Access to the path 'C:\Domains\domainname.com.my\httpdocs\8kgs3u4_.tmp' is denied. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access) at System.CodeDom.Compiler.TempFileCollection.EnsureTempNameCreated() at System.CodeDom.Compiler.TempFileCollection.AddExtension(String fileExtension, Boolean keepFile) at System.CodeDom.Compiler.TempFileCollection.AddExtension(String fileExtension) at System.Configuration.Internal.WriteFileContext..ctor(String filename, String templateFilename) at System.Configuration.Internal.InternalConfigHost.StaticOpenStreamForWrite(String streamName, String templateStreamName, Object& writeContext, Boolean assertPermissions) at System.Configuration.Internal.InternalConfigHost.System.Configuration.Internal.IInternalConfigHost.OpenStreamForWrite(String streamName, String templateStreamName, Object& writeContext, Boolean assertPermissions) at System.Configuration.Internal.InternalConfigHost.System.Configuration.Internal.IInternalConfigHost.OpenStreamForWrite(String streamName, String templateStreamName, Object& writeContext) at System.Configuration.Internal.DelegatingConfigHost.OpenStreamForWrite(String streamName, String templateStreamName, Object& writeContext) at System.Configuration.UpdateConfigHost.OpenStreamForWrite(String streamName, String templateStreamName, Object& writeContext) at System.Configuration.MgmtConfigurationRecord.SaveAs(String filename, ConfigurationSaveMode saveMode, Boolean forceUpdateAll) --- End of inner exception stack trace --- at System.Configuration.MgmtConfigurationRecord.SaveAs(String filename, ConfigurationSaveMode saveMode, Boolean forceUpdateAll) at System.Configuration.Configuration.SaveAsImpl(String filename, ConfigurationSaveMode saveMode, Boolean forceSaveAll) at System.Configuration.Configuration.Save() at test.EncryptConfig(Boolean bEncrypt)

I think the problem is show when the config.save is execute.
if i miss something or i there a way to get what appSettings.SectionInformation.ProtectSection("DataProtectionConfigurationProvider") have encrypt to show on label, so i can copy and paste it myself.

if can not be done, if there any way i can place it on my app_code by inherit ConfigurationSection or something to hide it from hacker. experts pls help.
Try

            Dim config As Configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath)

            Dim appSettings As ConfigurationSection = config.GetSection("connectionStrings")

            If bEncrypt Then

                appSettings.SectionInformation.ProtectSection("DataProtectionConfigurationProvider")
 

                

                'appSettings.SectionInformation.ProtectSection("RSAProtectedConfigurationProvider")
 

                config.Save()

            End If

Open in new window

0
Comment
Question by:john8098
  • 2
3 Comments
 
LVL 1

Expert Comment

by:veed
ID: 24400916
Seems permission is not provided to your folder. Pease grant permission to AspNet(IIS 5.x) user account or Networkservices(IIS 6) to your root folder.

0
 

Author Comment

by:john8098
ID: 24401059
If there possible to grant the permission on shared hosting?
0
 
LVL 1

Accepted Solution

by:
veed earned 500 total points
ID: 24401065
Yes its possible for your root folder. also depends on the control panel provided by the hosting company.



0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have ever used Microsoft Word then you know that it has a good spell checker and it may have occurred to you that the ability to check spelling might be a nice piece of functionality to add to certain applications of yours. Well the code that…
Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
Get people started with the utilization of class modules. Class modules can be a powerful tool in Microsoft Access. They allow you to create self-contained objects that encapsulate functionality. They can easily hide the complexity of a process from…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now