Products
Services
Contact Us

Scripts: asp :: ASP.NET encryption :: Library Article #7

Developer's Section

Encrypt / Decrypt Database Parameters in ASP.NET
By: Erobo Team Member

Hire a Developer for Related Work / Installation | $55 hr
Rating:  | Rate It:   
Average Votes: (1847)
Favorites:

Learn to encrypt database parameters in ASP.NET

You can take an extra security measure in your ASP.NET applications when database login information needs to be protected. The best way is to use the following code: 1.Open the web.config file in your ASP.NET application:

 Code Snippet 1

<configuration>
  <system.web>
  <appSettings/>
    <connectionStrings>
    <add name="DatabaseParameters1" 
    connectionString="server=mssql.serverproviders.com;
       database=dm_database_finance;
       uid=finances_user56;
       password=yy1n43"
    providerName="System.Data.SqlClient" />
    </connectionStrings>
  <system.web>
    <compilation debug="true"/>
      <authentication mode="Windows"/>
    <pages theme="Theme1" />
  </system.web>
</configuration>


Now, open the file of the current form you are working on and add the following to the code behind of the file:

 Code Snippet 2

using System.Web.Configuration;
using System.Web.Security;
using System.Configuration;
 
public void EncryptConnString()
{
    
  Configuration config = WebConfigurationManager.OpenWebConfiguration(
                                               Request.ApplicationPath);
  ConfigurationSection section = config.GetSection("connectionStrings");
  if (!section.SectionInformation.IsProtected)
  {
    section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");
    config.Save();
  }
}


The RSAProtectedConfigurationProvider model provided will then encrypt the connection string when the script is executed.

In a similiar manner you can use the DataProtectionConfigurationProvider to decrypt connection strings:

 Code Snippet 3

public void DecryptConnString()
{
  Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
  ConfigurationSection section = config.GetSection("connectionStrings");
  if (section.SectionInformation.IsProtected)
  {
    section.SectionInformation.UnprotectSection();
    config.Save();
  }
}



See other Scripts in ASP.NET encryption

Submit Your Scripts:

If you would like to have your ASP & ASP.NET scripts published in this section please fill out
the form below:
*Your Name or Username:
Home Town:
*Email:
*Description and Code:
*Enter Code shown
to the right:

[ Refresh Image ]