How can I protect the use name and password in ConnectionString?
In order to connect to database, I have to put the name and password in ConnectionString, I know the C# program can be uncompiled easily,
how can I the use name and password? thanks!
[195 byte] By [
CUIWEI] at [2007-12-16]
Enterprise Library is designed to work in all types of applications: WinForms, ASP.NET, Windows Services, console, ... You can place your connection strings in your app.config file encrypted and it will be read at startup time by your WinForms app.
Here's a quick walkthrough. I hope it helps.
- Install Enterprise Library.
- Launch the Enterprise Library Configuration applications. (Start... All Programs... Microsoft patterns & practices... Enterprise Library... Enterprise Library Configuration)
- File... New Application... and give it a name (i.e. MyApp).
- With MyApp selected, Action... New... Data Access Application Block.
- Configure your connection string by setting your server name, database name, and security. (You get a SQL Server connection strings by default. If you're using another provider, you'll have to delete this one and create a new one.)
- Select MyApp/Configuration Application Block/Encryption Settings. Action... New... File Key Algorithm Storage Provider...
- Select "Create a new key algorithm pair". Next...
- "Select Algorithm..." RijndaelManaged (pronounced Rain Doll)... OK. Next...
- "Generate" Next...
- "Select File..." and enter "MyApp.key". OK. Finish.
- Select MyApp/Configuration Application Block/dataConfiguration and set the Encrypt field to True.
- File... Save... "MyApp.exe.config" to your Project file location. (Note you need the full name of your executable with .config appended.)
- Open your solution in VS.NET.
- Right-click Project... Properties... Common Properties... Build Events... and set Post-build Event Command Line to:
- copy "$(ProjectDir)*.config" "$(TargetDir)"
- This will copy all of the configuration files to the build directory.
- Right-click Project... Add Reference... Browse... and add references to C:\Program Files\Microsoft Enterprise Library\bin\Microsoft.Practices.EnterpriseLibrary.Data.dll and Microsoft.Practices.EnterpriseLibrary.Configuration.dll.
- In your code, add "using Microsoft.Practices.EnterpriseLibrary.Data;" [C#] or "Imports Microsoft.Practices.EnterpriseLibrary.Data" [VB.NET].
- Create an instance of a Database object via "Database db = DatabaseFactory.CreateDatabase();" [C#] or 'Dim db As Database = DatabaseFactory.CreateDatabase()" [VB.NET]. (Assumes that you only have one database instance. Otherwise provide the name of the database instance, as set in your configuration file, as a parameter.)
Note that the location of your key file is hard-coded in your MyApp.exe.config. If you move your key file, you need to modify your config to point to it. When you deploy, you should place a strong ACL on your key file and encrypt it using EFS. (In Explorer, right-click the file, Properties... Advanced... Encrypt contents to secure data.)
Some good information to get you started with the various app blocks can be found on Online Tutorials about Enterprise Library.
Hello dear,
Have you solved this problem. If so , Kindly share with me.
Appreicated your early response
Mubarak
