Reputation: 2167
Encrypting the connection string
We have created the Web API which creates a connection with the Oracle Database like
using (OracleConnection dbconn = new OracleConnection("DATA SOURCE=J;PASSWORD=CM;PERSIST SECURITY INFO=True;USER ID=TR"))
But want it to encrypted when we are publishing in the IIS. Do we do them in the web.config file. In the web. config after publishing in the File System from VS, I just see the below code. Do I need to create a new connection string as dbconn which I gave in the Controller code.
<oracle.manageddataaccess.client>
<version number="*">
<dataSources>
<dataSource alias="SampleDataSource" descriptor="(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ORCL))) " />
</dataSources>
</version>
</oracle.manageddataaccess.client>
<connectionStrings>
<add name="OracleDbContext" providerName="Oracle.ManagedDataAccess.Client" connectionString="User Id=oracle_user;Password=oracle_user_password;Data Source=oracle" />
</connectionStrings>
Creating the application for the first time. Any help is greatly appreciated.
Upvotes: 3
Views: 4386
Answers (1)
Reputation: 4710
It's standard practice to encrypt connection strings and many other sections of web.config. The standard way of doing this is using the Aspnet_regiis.exe tool located at %windows%\Microsoft.NET\Framework\<versionNumber>. It's easy to do. Here is a tutorial.
Upvotes: 5
Related Questions
- Encrypting Connection String in web.config
- connectionString encryption
- Encryption of connection strings in Web.config c#
- ASP.Net MVC5:How to encrypt decrypt connection string in web.config
- What is the proper method for encrypting ASP.NET connetionStrings?
- Encrypt the web.config file
- Encrypt the connection String in ASP.NET Web Config
- Encrypting the connection string in web.config file in C#
- Connection String Encryption , whats the idea?
- ASP.NET Connection String Encryption / Protection