Re: DPAPI and config files

• Previous message: Joe Kaplan \(MVP - ADSI\): "Re: ASP.NET with ADirectory role based authentication"
• In reply to: Dan Amiga: "Re: DPAPI and config files"
• Next in thread: Dan Amiga: "Re: DPAPI and config files"
• Reply: Dan Amiga: "Re: DPAPI and config files"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 26 Aug 2004 09:46:01 -0500

I don't believe you can do what you want to do as there are no hooks into
the configuration file APIs at the level you need. The best you could do
would be to encrypt specific data or use something like the configuration
application block as previously mentioned.

Joe K.

"Dan Amiga" <dan.amiga@ness.com> wrote in message
news:eg3mdI3iEHA.356@tk2msftngp13.phx.gbl...
> I am talking about Framework config files, not only Web.Config, also
> Machine.config, etc.
> How does this application block handels options that must exists before
the
> assembly loads such as processmodel / impersonation ?
>
>
>
>
> "Paul Glavich [MVP - ASP.NET]" <glav@aspalliance.com-NOSPAM> wrote in
> message news:eNMsN92iEHA.340@TK2MSFTNGP10.phx.gbl...
> > The configuration application block offers similar functionality but
> > relegates most of the config info to another file (not the web.config)
and
> > encrypts that.
> >
> >
>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/
> cmab.asp
> >
> > --
> > - Paul Glavich
> > Microsoft MVP - ASP.NET
> >
> >
> > "Dan Amiga" <dan.amiga@ness.com> wrote in message
> > news:eQem$NoiEHA.2448@TK2MSFTNGP12.phx.gbl...
> > > Hello. This is about DPAPI and configuration files.
> > > Basically, what I understand is when loading the exe assembly the
> > framework
> > > takes parameters from the config file and loads them.
> > > I want to store THE ENTIRE web.config ( or any other config file )
using
> > > DPAPI.
> > >
> > > That is - I want to develop a component which intercept the frameworks
> > > request to the web.config, decrypt the config file stored in the DPAPI
> > > protected storage and give it to the framework for regular execution.
> > >
> > > The thing is - I want it to be transparent. I don't want other
> development
> > > teams to be concered and implement this logic in their applications.
> > >
> > > Any idea's ?
> > >
> > > Dan Amiga,
> > > Israel.
> > >
> > >
> > >
> > >
> > >
> > >
> >
> >
>
>

• Previous message: Joe Kaplan \(MVP - ADSI\): "Re: ASP.NET with ADirectory role based authentication"
• In reply to: Dan Amiga: "Re: DPAPI and config files"
• Next in thread: Dan Amiga: "Re: DPAPI and config files"
• Reply: Dan Amiga: "Re: DPAPI and config files"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Cryptography. ... I want to actually encrypt the whole configuration file during set up. ... > equivalent DPAPI functionality built into the framework. ... (microsoft.public.dotnet.framework.aspnet.security) Re: Error with Encrypting identity section of web.config ... You cannot encrypt the identity section using ProtectedConfiguration... ... Thats too early for protected configuration ... Server Error in '/' Application. ... processing of a configuration file required to service this request. ... (microsoft.public.dotnet.framework.aspnet.security) Re: Encryption algorithm ... Trailing spaces SHOULD not be a problem and they SHOULDN'T encrypt to the ... > it to encrypt a password in a configuration file, ... >> Presumably you want the encryption as a COBOL Subroutine? ... >> exit program. ... (comp.lang.cobol) Re: Encryption algorithm ... it to encrypt a password in a configuration file, ... > [You can set this key to be any character string you like. ... > exit program. ... (comp.lang.cobol) RE: Config file to turn on/off features ? ... encrypt the key/value pairs to prevent tampering. ... > want your users enabling features by editing the file in notepad. ... > in this configuration file using cryptography. ... (microsoft.public.dotnet.framework)