[英]How to use encrypted password in source code for Directory Services authentication
I wrote a program that reads the UserPrincipal of an User in our Active Directory via PrincipalContext. 我编写了一个程序,该程序通过PrincipalContext在Active Directory中读取用户的UserPrincipal。 For this the authentication of a privileged user is needed.
为此,需要特权用户的认证。 At the moment the password for this authentication is saved as plaintext in the source code.
目前,此身份验证的密码已以纯文本格式保存在源代码中。 Because of security reasons a encrypted password should be saved in the source code or in a different file.
出于安全原因,应将加密的密码保存在源代码或其他文件中。 Is there a way to solve this?
有办法解决吗?
const string domain = "";
const string rooOrganizationalUnit = "";
const string adDomain = "";
const string adUserName = "";
const string adPassword = "";
private static PrincipalContext GetPrincipalContext()
{
PrincipalContext principalContext;
principalContext = new PrincipalContext(ContextType.Domain, domain, rooOrganizationalUnit, ContextOptions.Negotiate, adUserName + "@" + adDomain, adPassword);
return principalContext;
}
(This snippet of code is originally taken from this site ) (此代码段最初是从此站点获取的 )
You don't want to store this in code either encrypted or not. 您不想将其存储在加密或未加密的代码中。 One of the approaches will be to shift sensitive data off to a config file, type passwords in production only and encrypt that section in the application.
一种方法是将敏感数据移到配置文件,仅在生产环境中键入密码,然后在应用程序中对该部分进行加密。
In a config file 在配置文件中
<configuration>
<appSettings>
<add key="adPassword" value="this should be empty in source controll" />
</appSettings>
</configuration>
In code 在代码中
const string adPassword = ConfigurationManager.AppSettings["adPassword"];
Notes 笔记
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.