Asp.net 在 sessionState 中加密 sqlConnectionString
[英]Asp.net encrypt sqlConnectionString in sessionState
问题描述
I am using sessionState mode = "SQLServer" in my application.
我在我的应用程序中使用 sessionState mode = "SQLServer"。 Is there any way to encrypt the connection string that was passed in web.config?有没有办法加密在 web.config 中传递的连接字符串?
2 个解决方案
解决方案1
4 已采纳 2011-10-14 13:57:12
To encrypt sql server connection between applications you can just add要加密应用程序之间的 sql server 连接,您只需添加
encrypt=true
to the connection string, eg:到连接字符串,例如:
"Server=##.##.##.##,1092;Database=dbname;uid=username;pwd=password;encrypt=true"
To encrypt the string in web.config see how-to-encrypt-connection-string-in-web.config要加密 web.config 中的字符串,请参阅how-to-encrypt-connection-string-in-web.config
解决方案2
1 2019-11-08 13:53:17
I was in the same position and I also couldn't find any answer.我处于同样的位置,我也找不到任何答案。 The accepted answer also doesnt reciprocate the question asked in my opinion.接受的答案也没有回应我认为提出的问题。 After some research, i did the following to solve the issue and encrypted the sessionState node having connectionString of web.config经过一番研究,我做了以下工作来解决这个问题并加密了具有 web.config 的connectionString的sessionState节点
Encryption:加密:
You can follow the following steps to encrypt a specific section of web.config:您可以按照以下步骤加密 web.config 的特定部分:
Run command prompt as an
administrator以administrator身份运行命令提示符Execute the command:
执行命令:cd C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319Execute the command:
执行命令:
ASPNET_REGIIS -pef "system.web/sessionState" "PhysicalPathOfWebsiteThatHasWebConfigFile"
Decryption:解密:
Similarly if you want to decrypt a specific node in the web.config, follow the same above steps and replace -pef with -pdf in the final step and the utility will decrypt the specific node同样,如果你要解密在web.config特定的节点,按照相同的上述步骤并更换-pef与-pdf在最后的步骤和实用程序将解密的特定节点
Explanation about above commands:以上命令说明:
ASPNET_REGIIS: Taken from official MSDN , You can use the ASP.NET IIS Registration Tool (Aspnet_regiis.exe) to encrypt or decrypt sections of a Web configuration file.ASPNET_REGIIS:取自官方MSDN ,您可以使用 ASP.NET IIS 注册工具 (Aspnet_regiis.exe) 来加密或解密 Web 配置文件的部分。 ASP.NET will automatically decrypt encrypted configuration elements when the Web.config file is processed.处理 Web.config 文件时,ASP.NET 将自动解密加密的配置元素。 And -pef tells that you want to use it for encrypting a specific section in your web.config.并且 -pef 告诉您要使用它来加密 web.config 中的特定部分。 It serves other purposes as well as explained in the official MSDN它用于其他目的以及在官方MSDN 中解释system.web/sessionStateis the specific node that you want to encrypt.system.web/sessionState是您要加密的特定节点。PhysicalPathOfWebsiteThatHasWebConfigFileis the physical path of your application (where web.config is located).PhysicalPathOfWebsiteThatHasWebConfigFile是应用程序的物理路径(web.config 所在的位置)。 Please do not add an extra '\\' at the end of the path.请不要在路径末尾添加额外的“\\”。
Other Reference Links:其他参考链接:
https://docs.microsoft.com/en-us/previous-versions/aspnet/zhhddkxy(v=vs.100) https://docs.microsoft.com/en-us/previous-versions/aspnet/zhhddkxy(v=vs.100)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.