-----------------------------------------------------------
New Message on BDOTNET
-----------------------------------------------------------
From: Varad_RS
Message 2 in Discussion
I am providing the answers as per my knowledge...
1) Custom Settings and App Settings:
By using custom configuration sections, you are allowed to store a richer amount of
information in the application config file, than when you simply add values to the
<appSettings> section
2) Other ways to store connection string
There are a number of possible locations and approaches for storing database
connection strings, each with varying degrees of security and configuration
flexibility.
The following are the main options for storing connection strings:
Encrypted with DPAPI
Clear text in Web.config or Machine.config
UDL files
Custom text files
Registry
COM+ catalog
Configuration files are definitely a bad place to store sensitive data like user
credentials or connection strings.
One common approach is to store a registry path in your config file and save in that
registry entry (with a strong ACL) the encrypted data with DPAPI (local machine mode).
You just have a tool (aspnet_setreg.exe) that does this in .NET Framework.
The main goal of this tool is to encrypt sensitive data in the following configuration
sections:
- <identity userName= password= />
- <processModel userName= password= />
- <sessionState stateConnectionString= sqlConnectionString= />
However, you might use this handy tool to your own config sections.
To encrypt some sensitive data (ie some connection string) you may follow these steps:
- Alter installing the above tool, run this from the command prompt:
aspnet_setreg.exe -k:Software\YourCompany\YourKey -c:"Data Source=local;Initial
Catalog=MyDB;User ID=neo;Password=Logos$31687#"
- On your connection element of the configuration file put something like this:
<connection name="myName"
value="registry:HKLM\Software\YourCompany\YourKey\ASPNET_SETREG,sqlConnectionString"
/>
- Set the registry entry ACL as stated on the tool download link above.
To decrypt this data you might use this sample:
string connection = Encoding.Unicode.GetString( ProtectedData.Decrypt(
registryBytes ) );
3) Inheritance & Polymorphism
When you derive a class from a base class, the derived class will inherit all members
of the base class except constructors, though whether the derived class would be able
to access those members would depend upon the accessibility of those members in the
base class. C# gives us polymorphism through inheritance. Inheritance-based
polymorphism allows us to define methods in a base class and override them with
derived class implementations. Thus if you have a base class object that might be
holding one of several derived class objects, polymorphism when properly used allows
you to call a method that will work differently according to the type of derived class
the object belongs to.
Hope this helps..
Regards,
Varad.
-----------------------------------------------------------
To stop getting this e-mail, or change how often it arrives, go to your E-mail
Settings.
http://groups.msn.com/BDotNet/_emailsettings.msnw
Need help? If you've forgotten your password, please go to Passport Member Services.
http://groups.msn.com/_passportredir.msnw?ppmprop=help
For other questions or feedback, go to our Contact Us page.
http://groups.msn.com/contact
If you do not want to receive future e-mail from this MSN group, or if you received
this message by mistake, please click the "Remove" link below. On the pre-addressed
e-mail message that opens, simply click "Send". Your e-mail address will be deleted
from this group's mailing list.
mailto:[EMAIL PROTECTED]
