user and password are in configuration file

Posted on 2012-08-29
Last Modified: 2012-08-30
Hi experts, we currently have web service clients that consume other web services. The problem is that the user and password are in configuration file, then any network administrator can read.

 That mechanism should implement to avoid this, I read
 Active Directory integrated authentication, pam or ldap.

the original question
Question by:enrique_aeo
    1 Comment
    LVL 11

    Accepted Solution

    You could encrypt that portion of your config if this is running under iis:

    Never mind.  I thought you had one web service calling another web service, not clients.

    Here's a previous post where I gave some functions for encrypting and decrypting values.

    But ultimately you still have a problem - where do you store the encryption keys?  You can compile them into the code or make a request to get them but all if that is something a savvy user could get to.  I'm thinking the only real way to protect your third party services is to proxy your client's calls.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Suggested Solutions

    For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK ( for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
    A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now