NBearV3 Tutorial--Entity configuration file Encryption Chapter

Version

1.0 [2006-11-18]

Brief introduction

This tutorial describes the encryption support for the entity profiles in NBearV3.

Goal

Through this tutorial, readers should be able to fully grasp the cryptographic entity configuration file and how to combine the configuration section encryption using ASP.net to implement the entity configuration encryption associated with the deployment environment.

Code

This tutorial does not contain any presentation code.

Time

<10 minutes.

Body

1 Configuring and enabling entity configuration file encryption

To enable entity profile encryption, you need to set the Entityconfig configuration section as follows:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
　　<section name="entityConfig" type="NBear.Common.EntityConfigurationSection, NBear.Common" />
</configSections>
<entityConfig encrpyt="false" key="aslkjkljlsajsuaggasfklrjuisdhaie">
　　<includes>
　　　<add key="Sample" value="C:\Teddy\NBearV3\src\NBear.Test.CaseTests\EntityConfig.xml" />
　　</includes>
</entityConfig>
<connectionStrings>
　　<add name="CaseTests" connectionString="Server=(local);Database=CaseTests;Uid=sa;Pwd=sa" providerName="NBear.Data.SqlServer.SqlDbProvider"/>
</connectionStrings>
</configuration>

Note that in the above code,

Entityconfig configuration section Bold two properties: Encrypt and key.

Encrypt=true representative, enable entity profile encryption.

KEY specifies a key for encrypting/decrypting the entity configuration file.

If the Entity Profile encryption feature is enabled, the current application will only recognize the encrypted entity configuration file.

2 encrypting/Decrypting the entity configuration file

To encrypt/Decrypt an entity configuration file, you need to use the NBear.Tools.ConfigurationEncrypter.exe tool in the Dist directory. This is a Windows Form program that is used very simply to load a configuration file, specify the encryption key, and encrypt/decrypt the configuration file.

3 Using the ASP.net configuration section encryption tool to implement configuration section encryption associated with the deployment environment

Asp. NET provides encryption for the config file, for example, use the following command-line statement to encrypt the Web.config entityconfig configuration section of the specified application in IIS:

Aspnet_regiis-pe "Entityconfig"-app "/Application Name"

The following statement is the corresponding decryption command:

ASPNET_REGIIS–PD "Entityconfig"-app "/Application Name"

Note 1: You can perform aspnet_regiis/help view aspnet_regiis more options in the command line environment. Aspnet_regiis.exe tools are generally in the [windir]\ microsoft.net\framework\v2.0.50727\ directory.

NOTE 2: You may need to copy the Dist\nbear.common.dll file to the directory where Aspnet_regiis.exe is located, otherwise the NBear.Common.dll error may not be loaded during the encryption/decryption configuration section.

You might ask, what's the use of a configuration file that encrypts a Web application like the above command?

Once you use the ASPNET_REGIIS Encryption configuration section, the contents of the configuration section that is encrypted in the configuration file are replaced with encrypted data that can be identified only on the server that performs aspnet_regiis. That is, the program cannot be run even if the application is completely copied to another server, because the configuration file will not be recognized correctly. Aspnet_regiis also contains additional encryption options that allow for more flexible control of the configuration section's encryption process. However, this is the ASP. NET SDK document discussion, here only gives the common method, does not do more discussion.

Body End