The database connection string for Web. config is encrypted

Source: Internet
Author: User
Tags configuration settings decrypt connectionstrings

Connection reference: Http://wenku.baidu.com/link?url=nwGug8wxz143A4pvBE_kN6vMU7aF3ojwCKJOyN-TQleZ07iAYrjx_ Fnfvdotzaf8gbj8uiwzxopmwk7j0iznd3ip_niggqgmlr2a6ugtcc3

An older version of ASP. NET saves the connection string directly in the ASPX page. Recall that the connection string contains information such as the data server name and user account, and sometimes even contains a password. Including the above information in the code is a very bad habit, for two reasons. First, this information can be seen by every program person in the design team (but site visitors cannot see it on the browser). Second, every place in the entire Web site that has that connection must be maintained and updated. Updating the password has become a heavy task.

ASP. NET 2.0 provides an option to move the connection string to the connection area of the Web. config file, give the string a name, and encrypt it. The ASP. NET 2.0 page then refers to the connection string by this name. The steps to save the connection string to Web. config are not complex. Open the Web. config file located at the root of the site. Locate the <connectionString> defined area (if it doesn't exist, add it yourself) and enter the following code in the <Add> tag. The tag has three properties: Name, ConnectionString, and ProviderName. The property name is the normal name of the connection string that will be used in the page. The ConnectionString property should be set to the full connection string attached to the database, as described earlier.

e.g.

<?xml version= "1.0"?>
<configuration xmlns= "http://schemas.microsoft.com/.NetConfiguration/v2.0" >
<connectionStrings>
<add name= "sqlprofileconnstring" connectionstring= "Server=fox;database=mspetshop4profile;user id=mspetshop; [Email protected];min pool Size=4;max pool size=4;]
Providername= "System.Data.SqlClient"/>
<add name= "sqlmembershipconnstring" connectionstring= "Server=fox;database=mspetshop4services;user id=mspetshop ; [Email protected];min pool Size=4;max pool size=4;]
Providername= "System.Data.SqlClient"/>
<add name= "SQLConnString1" connectionstring= "Server=fox;database=mspetshop4;user id=mspetshop; [Email protected];min pool Size=4;max pool size=4;]
Providername= "System.Data.SqlClient"/>
<add name= "SQLConnString2" connectionstring= "Server=fox;database=mspetshop4;user id=mspetshop; [Email Protected];max pool size=4;min pool size=4;]
Providername= "System.Data.SqlClient"/>
<add name= "SQLConnString3" connectionstring= "Server=fox;database=mspetshop4orders;user id=mspetshop; [Email protected];min pool Size=4;max pool size=4;]
Providername= "System.Data.SqlClient"/>
<add name= "oraprofileconnstring" connectionstring= "" providername= "System.Data.OracleClient"/>
<add name= "oramembershipconnstring" connectionstring= "" providername= "System.Data.OracleClient"/>
<add name= "OraConnString1" connectionstring= "" providername= "System.Data.OracleClient"/>
<add name= "OraConnString2" connectionstring= "" providername= "System.Data.OracleClient"/>
<add name= "OraConnString3" connectionstring= "" providername= "System.Data.OracleClient"/>
</connectionStrings>
<appSettings>
<!--Pet Shop DAL configuration settings. Possible Values:PetShop.SQLServerDAL for SQL Server, Petshop.oracleserverdalfor Oracle. -
</appSettings>
</configuration>

The connection string area of the Web. config file can be encrypted by using a command. When an ASPX page requests a connection string, the information is automatically decrypted by ASP. Encryption must be performed by the following command line. Click Start/run/cmd and switch to C:\WINDOWS\ microsoft.net\ framework\ v2.0.xxxx, where xxxx is your software version. If C:\Websites\BegAspNet2Db is the site root, you can enter the following command line:

ASPNET_REGIIS–PEF connectionStrings C:\Websites\BegAspNet2Db

The command-line tool that encrypts the connection string can also use the virtual path syntax (the path in the IIS metabase) without specifying the fully qualified path to the Web. config file, as follows:

Aspnet_regiis–pe connectionstrings–app/begaspnet2db

Once the encryption process is done, you can open the Web. config file, but the connection string is already confused. The connection string is automatically decrypted when ASP. NET is needed, or if you need to make some changes, such as changing the password, you can manually enter the following code to decrypt it.

Aspnet_regiis–pdf connectionStrings C:\Websites\BegAspNet2Db

Note that by default, the encryption process uses a key for a machine that is based on an encryption algorithm. The decryption process, either manually or during the process of the page, must occur on the same machine as the encryption. For example, as part of Xcopy deployment, moving the Web. config to another machine will cause web. config to not decrypt, so it is recommended that you encrypt the connection string after you deploy the site to the final machine.

ps:petshop4.0 when installing, if you choose "Full Install", then the configuration file is encrypted by default, which is why I did not find the connection string in the beginning, and then with Windows Integrated authentication can not go up.

It was later found that there were two batch files in the installation directory:

1, encryption Encryptwebconfig.bat

@echo off
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pef "ConnectionStrings" "D:\Program Files\microsoft\.net Pet Shop 4.0\web "
PAUSE

2, decryption Decryptwebconfig.bat

@echo off
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pdf "ConnectionStrings" "D:\Program Files\microsoft\.net Pet Shop 4.0\web "
PAUSE

The black one is the difference between the two files.

The database connection string for Web. config is encrypted

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.