From: cnblogs font size: [large, medium, small]
- Abstract: This article introduces the encryption and decryption of Asp.net web. config, and provides simple sample code for your reference.
The Web. config file is an XML text file used to store the configuration information of Web applications in ASP. NET. Web application developers usually configure some key information of the application in the web. config file, such as the database connection string. However, the Web. config file also has certain security risks. Such key information stored in the plaintext mode may become a breakthrough for others, resulting in unnecessary losses. Currently, the best way to solve this problem is to encrypt the string of the web. config file and decrypt it when you want to modify the information. Next I will introduce a common web. config encryption and decryption method.
Implementation process.
(1) first, we add two buttons to the page and write the encryption code in the Click Event of the encryption button. (Here we need to reference using system. Web. configuration; namespace)
// Open the configuration file configuration Config = webconfigurationmanager in the application. openwebconfiguration (request. applicationpath); // find the specified configurationsection = config in the opened configuration file. getsection ("deleetask"); If (section! = NULL &&! Section. sectioninformation. isprotected) {Section. sectioninformation. protectsection ("rsaprotectedconfigurationprovider"); config. Save (); response. Write ("<SCRIPT> alert ('encrypted! '); </SCRIPT> ");}
(2) write the decryption code in the Click Event of the decryption button.
Configuration Config = webconfigurationmanager. openwebconfiguration (request. applicationpath); configurationsection section = config. getsection ("etettings"); If (section! = NULL & section. sectioninformation. isprotected) {Section. sectioninformation. unprotectsection (); config. save (); response. write ("<SCRIPT> alert ('decrypted successfully'); </SCRIPT> ");}
As follows:
Before encryption:
After encryption:
After decryption: