-
.net2.0 Webconfig中连接串的加密
网络 2013/6/11 19:47:09【导读】ASP.NET 2.0 允许用户对配置文件的单个节进行加密本文。通过示例,演示如何以编程方式对配置节进行加密,配置API如何自动处理加密的节。
ASP.NET 2.0 现在允许您对配置文件的单个节进行加密,这样,几乎不可能使用文本编辑器来读取这些配置节。
ASP.NET 包括两个内置的受保护配置提供程序:RSA和DPAPI DPAPI提供程序使用特定于计算机的密钥,因此您必须在每台计算机上实际加密配置设置。默认使用的RSA提供程序允许您选择创建RSA密钥并将其安装在其他计算机上,这样您就可以在这些计算机之间复制相同的配置文件。此外,您还可以安装其他受保护配置提供程序供系统使用。
调用配置管理API可透明地使用加密的节,因为该API自动处理加密和解密。若要通过编程方式将配置节设置为加密的,可获取ConfigurationSection.SectionInformation属性,然后传入您选择的保护提供程序调用ProtectSection方法。若要使用默认提供程序,可以传入null或空字符串。UnprotectSection方法禁用配置节的加密。
下面的示例演示如何以编程方式对配置节进行加密,配置API如何自动处理加密的节。
<%@ Import Namespace="System.Configuration" %> <%@ Import Namespace="System.Web.Configuration" %> <%@ Import Namespace="System.Xml" %> <script runat="server" language="C#"> public void Page_Load(object source, EventArgs e) ...{ if (!IsPostBack) ...{ UpdateUI(); } } void ProtectButton_OnClick(Object source, EventArgs e) ...{ String path = Request.CurrentExecutionFilePath; path = path.Substring(0, path.LastIndexOf(’/’)); // Get configuration. Configuration config = WebConfigurationManager.OpenWebConfiguration(path); ConfigurationSection appSettings = config.GetSection("appSettings"); if (appSettings.SectionInformation.IsProtected) ...{ appSettings.SectionInformation.UnprotectSection(); } else ...{ appSettings.SectionInformation.ProtectSection("DataProtectionConfigurationProvider"); } try ...{ config.Save(); UpdateUI(); } catch (Exception ex) ...{ Response.Write("In order to modify configuration settings, the ASP.NET process account (either the local ASPNET or Network Service account, by default) "); Response.Write("must have write permission granted for the Web.config file in the sample directory"); } } void UpdateUI() ...{ String path = Request.CurrentExecutionFilePath; path = path.Substring(0, path.LastIndexOf(’/’)); // Get configuration. Configuration config = WebConfigurationManager.OpenWebConfiguration(path); // Show XML for app settings. ConfigurationSection appSettings = config.GetSection("appSettings"); // Set protect button appropriately. if (appSettings.SectionInformation.IsProtected) ...{ Encrypted.Text = "Yes"; ProtectButton.Text = "Unprotect"; } else ...{ Encrypted.Text = "No"; ProtectButton.Text = "Protect"; } // Show XML for app settings. AppSettingsXml.Text = " " + Server.HtmlEncode(appSettings.SectionInformation.GetRawXml()); // Load XML directly from config file, to show encrypted XML. String configPath = Server.MapPath("web.config"); XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; doc.Load(configPath); XmlNode appSettingsXml = doc.SelectSingleNode("configuration/appSettings"); AppSettingsEncrypted.Text = " " + Server.HtmlEncode(appSettingsXml.OuterXml); } </script> <html> <head> <title>Encrypted Configuration Sections</title> </head> <body> <form id="form1" runat="server"> <div> <h2>Encrypted:<asp:Label runat="server" id="Encrypted" /></h2> <asp:Button runat="server" id="ProtectButton" OnClick="ProtectButton_OnClick" /> <h2>Current XML (decrypted):</h2> <pre> <asp:Label runat="server" ID="AppSettingsXml" /> </pre> <h2>Encrypted contents:</h2> <pre> <asp:Label runat="server" ID="AppSettingsEncrypted" /> </pre> </div> </form> </body> </html>
对应配置文件如下:<?xml version="1.0" encoding="utf-8"?> <configuration> <configProtectedData /> <appSettings> <add key="currencyService" value="http://www.microsoft.com/services/currencyService.asmx" /> <add key="creditCardValidationService" value="http://www.microsoft.com/services/cc.asmx" /> </appSettings> </configuration>
阅读(50594) 分享(0)