Wrox Programmer Forums
| Search | Today's Posts | Mark Forums Read
ASP.NET 2.0 Professional If you are an experienced ASP.NET programmer, this is the forum for your 2.0 questions. Please also see the Visual Web Developer 2005 forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 2.0 Professional section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old March 4th, 2007, 07:36 PM
Authorized User
Points: 514, Level: 8
Points: 514, Level: 8 Points: 514, Level: 8 Points: 514, Level: 8
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jan 2006
Location: , , .
Posts: 91
Thanks: 0
Thanked 0 Times in 0 Posts
Default Encrypting Web.Config

I'm having a confusion attack on encrypting web.config, in order to hide configuration strings.

1) If I'm not using userid & password in config string, what might be the point of encrypting the configuration strings? Any?

2) I can't figure out how the ASP.NET finds the RSA key that was used to encrypt web.config during operation of the aspreg_iis encryption trick. Can the aspreg_iis encryption be run by be -ANY- identity that can do I/O on web.config, and ASP.NET is smart enough to find it the key? Does aspreg_iis do something to tell ASP.NET that the encryption has taken place, and that the key is somewhere in particular. Or does the aspiis_reg encryption trick have to be run by a particular identity that somehow is already correlated with ASP.NET?

Any help with this would be appreciated.

Thanks!
 
Old March 4th, 2007, 11:15 PM
Authorized User
Points: 514, Level: 8
Points: 514, Level: 8 Points: 514, Level: 8 Points: 514, Level: 8
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jan 2006
Location: , , .
Posts: 91
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Got answer to 1)...no longer relevant to my situation, since I'm going to use userID and password, in order to have a user that has limited permissions...

2) would be interested still, though I've found lots of doc's on this, and expect to sort it out.




Similar Threads
Thread Thread Starter Forum Replies Last Post
Encrypting config vikingsunil ASP.NET 2.0 Professional 1 August 28th, 2008 10:53 PM
web.config vs. app.config darlo Visual Studio 2005 11 August 20th, 2008 07:23 AM
web.config sonny1 ASP.NET 2.0 Basics 1 October 20th, 2007 01:40 PM
Web.Config tranzformerz ASP.NET 1.0 and 1.1 Basics 1 August 29th, 2005 05:59 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.