encrypt the userid and password
From: Faisal Rahman (faisal.rahman@cunamutual.com)
Date: 08/23/02
- Next message: ashwani tyagi: "Impersonate to attach SSL certificate"
- Previous message: Ion: "Re: Impersonate and shared hosting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Faisal Rahman" <faisal.rahman@cunamutual.com> Date: Fri, 23 Aug 2002 12:24:38 -0700
During our .Net Blaze training, we learned that .Net web
applications should store the userid and password, used
for the identity (context) authorization, in the
Web.config file. Our problem is one of securing the
userid and password so that developers of the application
cannot read it but the application itself can access it
for authorization to execute.
We would like to encrypt the userid and password. How do
we unencrypt the userid and password at run time.
The userid and password we are referring to are for the
context the application is running under. Similar to how
a component packaged under MTS works. It is our
understanding that IIS will look in the web.config file
for the identity that the application will run under. It
is also our understanding that this identity will be used
to grant access to system resources, rather than the
default IIS identity. Again, our problem is how to
unencrypt the userid and password at run time.
- Next message: ashwani tyagi: "Impersonate to attach SSL certificate"
- Previous message: Ion: "Re: Impersonate and shared hosting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
