i encrypt connection string of web.config. here have found nice example on how this. implemented , on development machine runs find. if upload provider, not work following error:
[securityexception: request failed.] system.configuration.dpapiprotectedconfigurationprovider.encrypt(xmlnode node)
in this blog have read, because of web runs in medium trust , therefore webconfigurationmanager.openwebconfiguration can not used. instead of this, webconfigurationmanager.getsection should used. however, if section proposed, call protectsection fails following error message:
system.invalidoperationexception: operation not apply @ runtime
can lead me solution, how can encode (and decode) connection string in web.config file (at runtime)?
update
not real answer question, hoster gave full trust web , now, worked fine. leave quesion open, maybe posts solution original question , helps people having same problem not getting full trust.
from http://msdn.microsoft.com/en-us/library/89211k9b%28v=vs.80%29.aspx
static void togglewebencrypt() { // open web.config file. configuration config = webconfigurationmanager. openwebconfiguration("~"); // connectionstrings section. connectionstringssection section = config.getsection("connectionstrings") connectionstringssection; // toggle encryption. if (section.sectioninformation.isprotected) { section.sectioninformation.unprotectsection(); } else { section.sectioninformation.protectsection( "dataprotectionconfigurationprovider"); } // save changes web.config file. config.save(); } update
also, ensure service account has write permissions web.config. also, aware granting write permissions service account on web.config increases security footprint of application. if understand , accept risks.
Comments
Post a Comment