Even if you manage to encrypt the configuration section via making some stand-alone application to do this, there are again two problems in the approach:.So all the sensitive information will lie naked in the config file until and unless a user runs the application for the first time. Here, the IsProtected property of determines whether the configuration section is already encrypted.īut there is a problem, the Main method will be called when the application is run. = true Ĭonfig.Save(ConfigurationSaveMode.Modified) " MyUserDataProtectionConfigurationProvider") So probably, using code such as the following in the application’s Main method will work out.ĬonfigurationManager.OpenExeConfiguration(Ĭonfig.GetSection( " connectionStrings") By using this method, a particular configuration section of the application configuration file can be encrypted. The ProtectSection method is not a command line tool like apnet_regiis, one has to call it at runtime from the application’s code.When it comes to a real life implementation of the ProtectSection method, there are the following problems: But none gives an example to use in practical desktop scenarios. Maybe I am not completely correct in saying this few resources on the web do mention that you can use the method to encrypt a Windows Forms application configuration file as well. In most of the articles, encryption is done via the aspnet_regiis tool, and aspnet_regiis does not support encryption of Windows Forms application configuration files, so virtually one is left with no option. Almost all of the online resources tell you to do that with ASP.NET. I started searching the web but was unable to find any practical application of Protected Configuration for Windows Forms applications. I decided to use the new Protected Configuration feature of Microsoft. It all happened when I came across a need to encrypt sensitive information in my Windows Forms application’s configuration file.
0 Comments
Leave a Reply. |