Re: Encrypt connection string - Access denied
- From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 27 Nov 2007 08:26:13 +0000 (UTC)
the worker process would need write access to the webroot - nothing you want to do!
better write a console app or use aspnet_regiis.exe (under an admin account) to encrypt sections at deployment time.
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
Using the tutorial:
Protecting Connection Strings and Other Configuration Information
http://www.asp.net/learn/data-access/tutorial-73-cs.aspx
The sample code works fine, but it does not work in my web application
on my local machine or on a test server.
When I try to encrypt my sql connection string, I get an error
message: Access to the path 'c:\inetpub\wwwroot\....\cjhspoo2.tmp' is
denied.
web.config line 0
I assume it is here: Configuration config =
System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration(
Request.ApplicationPath);
I have tried changing settings in IIS 6.0 with no luck. The sample
program code works but not with my website.
Is there some other permission that needs to be set?
Will this ever work on a shared server or is there a better approach?
Greg G
.
- Prev by Date: Re: Login control and restricted member pages
- Next by Date: Re: Login control and restricted member pages
- Previous by thread: Login control and restricted member pages
- Next by thread: Best practice for outputing XML Data from server
- Index(es):
Relevant Pages
|
