stackoom
  简体   繁体   中英

Securing SQL Connection string in ASP.NET Core Windows authentication application

 原文  2020-05-30 21:10:50       c#/ asp.net-core/ asp.net-core-mvc/ connection-string

Question

Is there a way to secure the connection string or any user secret for ASP.NET Core application using Windows authentication?

1 answers

solution1
 0  2020-05-30 22:26:59

In general, if you're using Windows Authentication, the connection string shouldn't need to contain sensitive data - if it does, you likely have a mistake in it. Your connection string should contain the absolute minimum amount of information required to connect to your database (eg server name, authentication type) - no more.

By definition, if you're using Always Encrypted, you don't need to include any user secret in your connection string in order to log on - so don't include it.

Any other user secrets not related to connecting to the database can be stored via another mechanism, such as SQL Server's Always Encrypted mechanism .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Securing Connection String In Asp.net MVC how to set connection string and host a asp.net web application (having windows authentication) in local for SQL Server for multiple users? Handling authentication/authorization: ASP.NET Core Web Application => ASP.NET Core Web API => SQL ASP.Net Core: keep windows authentication ASP.NET Core Identity with Windows Authentication Changing a SQL Server Connection String in an ASP.NET Application By Passing Windows Authentication in ASP.NET application Use ADFS-based authentication inside ASP.NET Core to access a SQL Server using Windows authentication? ASP.NET Core MacOS Connection string asp.net core mvc connection string
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM