[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

How to encrypt a Oracle password in app.config in C# app

Posted on 2011-02-24
10
Medium Priority
?
1,449 Views
Last Modified: 2013-12-19
I am working on a .NET console  application using C#. In order for the console app to open a connection to the oracle database, the following conection string was setup in the "app.config" file of the console app.

 <connectionStrings>
    <add name="ABCReceiveData.Properties.Settings.TTT1" connectionString="Data Source=ttt1;Persist Security Info=True;User ID=johndoe;Password=xxxxj$;Unicode=True"
      providerName="System.Data.OracleClient" />
</connectionStrings>

With the above approach the password is saved in clear text in the config file, I do not want that .. I like to encrypt it. I do not know how .. appreciate if someone shares a sample on how to do it.
0
Comment
Question by:vemi007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 77

Expert Comment

by:slightwv (䄆 Netminder)
ID: 34976196
The only way I know is to encrypt the entire connection string with any of the available encrypt/decrypt functions/libraries around.

Store the encrypted value then decrypt in code then connect.
0
 
LVL 77

Expert Comment

by:slightwv (䄆 Netminder)
ID: 34976200
Should add that it is possible to use OS authentication with Oracle but I would not recommend it.

That is connect to the database with no password using the OS credentials.
0
 

Author Comment

by:vemi007
ID: 34976227
encrypt/decrypt ?? can you show me the way, I am not that familiar
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 77

Expert Comment

by:slightwv (䄆 Netminder)
ID: 34976260
I'm on mobile right now and cannot provide links with examples but Google around for: ASP.Net string encrypt

There should be several examples.

You also realize this isn't going to stop a 'decent' attempt at accessing the database.

I can always run your app code through a decompiler like reflector and see how you decrypt the string and gain access to the database.

It will slow me down but probably not stop $e.
0
 

Author Comment

by:vemi007
ID: 34976267
I understand the pit falls .. but it is an internal application which is not at all exposed outside. I will google around , if you get a chance please send related info my way.
0
 
LVL 77

Expert Comment

by:slightwv (䄆 Netminder)
ID: 34976283
If you haven't figured it out and no other Experts show up before I get back to work tomorrow, I'll see what I can provide.
0
 

Author Comment

by:vemi007
ID: 34976421
Thanks, I have googled a lot .. majority are around web.config tied to ASP.NET, a few I did find for encrypting and decrypting app.config for my console C# application including msdnn article, but it is kinda going over my head .. i see methods defined to encrypt/decrypt connection string .. but how do i use those methods within my console app is what I am missing .. just a good sample will help me understand anf figure this out.
0
 
LVL 12

Accepted Solution

by:
Praveen Kumar Chandrashekatr earned 800 total points
ID: 34978470
Hi,

since i'm not worked on this senario i'm not sure please check this below links i hope this may help you

http://www.pnpguidance.net/Post/EnterpriseLibrary3VisualStudioIntegratedConfigurationEditor.aspx
http://davidhayden.com/blog/dave/archive/2006/01/23/2744.aspx
0
 

Author Comment

by:vemi007
ID: 34979789
How does Enterprise Library  work ? it seems very easy. After i have it installed on my desktop and use to encrypt app.config , do I have to install this Enterprise Library  on the server where the client will be eventually deployed as well  ?
0
 

Author Closing Comment

by:vemi007
ID: 34981636
I figured it out. Thanks for your assistance.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever had to make fundamental changes to a table in Oracle, but haven't been able to get any downtime?  I'm talking things like: * Dropping columns * Shrinking allocated space * Removing chained blocks and restoring the PCTFREE * Re-or…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This video shows how to copy a database user from one database to another user DBMS_METADATA.  It also shows how to copy a user's permissions and discusses password hash differences between Oracle 10g and 11g.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question