Prevent IIS app restart when saving an encrypted configuration section?

Question

I'm helping build an ASP.NET C# application with multiple custom configuration files. We store these outside the web.config file using <configSections><section /></configSections> elements making sure to set restartOnExternalChanges="false" so file saves don't restart the application.

To manage these settings we've built ASPX pages to read, update and save the various sections and values. For plain text sections this works pretty well. Admins log into the configuration section of the app, make changes, save and they take effect immediately.

But we have one section, in its own external file like all the others, that is also encrypted. Whenever that section is saved, the IIS application restarts loosing the session. That means the logged in admin making the configuration changes, and all end users logged into the user side of the app, have to login again which is frustrating.

Is there any way to avoid IIS application restart when an encrypted configuration section is saved?

Our current encrypted config section handling code looks like this:

public class CredentialsConfig : ConfigurationSection
{
    Configuration Config = null;
    CredentialsConfig Section = null;

    public static CredentialsConfig GetConfig()
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration("~");
        CredentialsConfig section = config.GetSection("credentials") as CredentialsConfig;

        // Ensure the current file is encrypted
        if (!section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
            section.SectionInformation.ForceSave = true;
            config.Save();
        }

        return section;
    }

    public CredentialsConfig GetConfigForUpdate()
    {
        Config = WebConfigurationManager.OpenWebConfiguration("~");
        Section = Config.GetSection("credentials") as CredentialsConfig;
        return Section;
    }

    public void SaveConfig()
    {
        Section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
        Section.SectionInformation.ForceSave = true;
        Config.Save(ConfigurationSaveMode.Modified);
        ConfigurationManager.RefreshSection("credentials");
    }

    [ConfigurationProperty("administrator")]
    public AdministratorConfigurationElement Administrator
    {
        get
        {
            return this["administrator"] as AdministratorConfigurationElement;
        }
    }
}

And we're using it like:

CredentialsConfig credentialsConfig = new CredentialsConfig();
AdministratorConfigurationElement newConfig = credentialsConfig.GetConfigForUpdate().Administrator;
// setting attributes in the section's <administrator /> element
credentialsConfig.SaveConfig();
// frustrating app restart happens

Answer 1

No. Modifications to the .config file are one of the automatic triggers that will always restart the application.

Personally, I'd recommend moving commonly modified items out of .config files and into a database, or the registry, or someplace else where it can be encrypted and protected, and where this isn't an issue.