ASP.NET Tutorial/Configuration/Encrypt

Материал из .Net Framework эксперт
Перейти к: навигация, поиск

Decrypt a configuration section by specifying a virtual directory.

The following command uses the -pd option with the -app option:
aspnet_regiis -pd connectionStrings -app /MyApp


decrypt a configuration section by using the -pdf option.

The following command decrypts a configuration file located in a folder named MyWebApp:
aspnet_regiis -pdf connectionStrings c:\Websites\MyWebApp


Encrypt Config

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="EncryptConfig" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Untitled Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    
    </div>
    </form>
</body>
</html>
File: Default.aspx.cs
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Web.Configuration;
public partial class EncryptConfig : System.Web.UI.Page
{
  protected void Page_Load(object sender, EventArgs e)
  {
    Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
    ConfigurationSection appSettings = config.GetSection("appSettings");
    if (appSettings.SectionInformation.IsProtected)
    {
      appSettings.SectionInformation.UnprotectSection();
    }
    else
    {
      appSettings.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
    }
    config.Save();
  }
}


Encrypt connectionStrings section with the DataProtectionConfigurationProvider

aspnet_regiis -pe connectionStrings -app /MyApp -prov ProtectedConfigurationProvider


Encrypting Sections Programmatically

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Configuration" %>
<%@ Import Namespace="System.Collections.Generic" %><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
    void Page_Load()
    {
        if (!Page.IsPostBack)
            BindSections();
    }
    protected void grdSections_RowCommand(object sender, GridViewCommandEventArgs e)
    {
        int rowIndex = Int32.Parse((string)e.rumandArgument);
        string sectionName = (string)grdSections.DataKeys[rowIndex].Value;
        if (e.rumandName == "Protect")
            ProtectSection(sectionName);
        if (e.rumandName == "UnProtect")
            UnProtectSection(sectionName);
        BindSections();
    }
    private void ProtectSection(string sectionName)
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration (Request.ApplicationPath);
        ConfigurationSection section = config.GetSection(sectionName);
        section.SectionInformation.ProtectSection ("RsaProtectedConfigurationProvider");
        config.Save(ConfigurationSaveMode.Modified);
    }
    private void UnProtectSection(string sectionName)
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration (Request.ApplicationPath);
        ConfigurationSection section = config.GetSection(sectionName);
        section.SectionInformation.UnprotectSection();
        config.Save(ConfigurationSaveMode.Modified);
    }
    private void BindSections()
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration (Request.ApplicationPath);
        List<SectionInformation> colSections = new List<SectionInformation>();
        foreach (ConfigurationSection section in config.SectionGroups["system.web"].Sections)
            colSections.Add(section.SectionInformation);
        grdSections.DataSource = colSections;
        grdSections.DataBind();
    }
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
    <title>Encrypt Config</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    <asp:GridView
        id="grdSections"
        DataKeyNames="SectionName"
        AutoGenerateColumns="false"
        OnRowCommand="grdSections_RowCommand"
        Runat="server" >
        <Columns>
        <asp:ButtonField ButtonType="Link" Text="Protect" CommandName="Protect" />
        <asp:ButtonField ButtonType="Link" Text="UnProtect" CommandName="UnProtect" />
        <asp:CheckBoxField DataField="IsProtected" HeaderText="Protected" />
        <asp:BoundField DataField="SectionName" HeaderText="Section" />
        </Columns>
    </asp:GridView>
    </div>
    </form>
</body>
</html>


Encrypting Sections with the aspnet_regiis tool

To encrypt a section in the web configuration file, use the aspnet_regiis command-line tool. 
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
The following command encrypts the connectionStrings section of a configuration file located in a folder named MyWebApp:
aspnet_regiis -pef connectionStrings c:\Websites\MyWebApp

To use the virtual path. 
The following command encrypts the connectionStrings section of a configuration file located in a virtual directory named /MyApp:
-app option is used to specify the application"s virtual path.
aspnet_regiis -pe connectionStrings -app /MyApp
Источник — «http://nfex.ru/index.php?title=ASP.NET_Tutorial/Configuration/Encrypt&oldid=2834»