stackoom
  简体   繁体   中英

Encrypted Database Connection Strings

 原文  2017-11-14 14:52:51       c#/ oracle/ database-connection/ connection-string

Question

I'm using the Oracle.ManagedDataAccess.Client to connect to a oracle database (v.12) in my C# Windows Application.

As example: 

using Oracle.ManagedDataAccess.Client;

string connStr = "user id=username;password=secret;data source=(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=hostname)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=servicename)))";
new OracleConnection(connStr);

as you can see the is in plain text. Can you suggest how this should be done, preventing passwords in code?

Im using .Net Framework 4.5.1 (Windows Application)

Thank you in advance

1 answers

solution1
 0  2017-11-14 15:18:27

The best way to prevent storing database credentials in the code of client app is to get data from the database via some API after authenticating the user in the application (using OpenId Connect or other protocol).

In this case, the API is responsible for communication with the database - not the client, so there is no need to store credentials on the client.

It is a bit different approach than you asked for, but I think it is the best solution.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Securing database connection strings How to store and retrieve database connection password encrypted using C# c# portable database connection strings Load database connection strings from another file Log4Net Database fun - connection strings! connection strings of database in visual studio 2010 Placing Database Connection Strings in .resx file Encrypted connection without SSLStream? Connection with SQLite db encrypted Decrypting RijndaelManaged Encrypted strings with CryptDecrypt
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM