balanscott
Registered: 10/26/09
Posts: 24
|
| | 11/03/09 at 12:35 PM | Reply with quote | #1 |
|
Has anyone had a customer request to make the passwords field in the web.config files encrypted? I am seeing this as a new request and do not know if Iron Speed can support it.
Here is a specific article we have followed before other ASP.Net applications:
http://aspnet.4guysfromrolla.com/articles/021506-1.aspx
It specifically mentions this:
Each of these sections can optionally be encrypted, either programmatically or through aspnet_regiis.exe, a command-line tool. When encrypted, the scrambled text is stored directly in the configuration file. For example, if we were to encrypt the Web.config file might look like the following: (Note: a large chunk of the
I just wanted to check before offering this as a solution we consider..
|
| Loading... | |
dwelden
Registered: 03/19/09
Posts: 48
|
| | 11/04/09 at 09:01 AM | Reply with quote | #2 |
|
I have one Iron Speed application in Production that contains encrypted database credentials in the web.config. Not sure if Iron Speed will work with it in the Designer and in Cassini, as we have a custom MSI installation step where we replace the web.config file with an environment-specific version.
The decryption is handled by IIS for you so no additional coding in the application is required. |
| Loading... | |
balanscott
Registered: 10/26/09
Posts: 24
|
| | 11/07/09 at 06:06 PM | Reply with quote | #3 |
|
I was believeing that could be the case since the deployment would be seperate, just curious before we devoted too much time to it..
Thanks.
|
| Loading... | |
dwelden
Registered: 03/19/09
Posts: 48
| |
RSS(.NETCodeGenerationIsHere).gif)
