加密 web.config 文件的 elmah 部分

发布于 10-05 14:23 字数 193 浏览 7 评论 0原文

如何加密 web.config 文件的 elmah 部分,以便 SMTP 服务器和登录信息受到保护吗?

我已经学会了如何加密连接字符串、appSettings 和其他部分;使用代码或 aspnet_regiis.exe。

但是,当我尝试加密该部分时,它告诉我找不到该部分。

有什么加密的技巧吗?

谢谢, +M

How can I encrypt the elmah section of my web.config file, so the SMTP server & login information is protected?

I've learned how to encrypt the connection strings, appSettings and other sections; using code or aspnet_regiis.exe.

However, when I try and encrypt the section, it tells me the section is not found.

Is there a trick to encrypting it?

Thanks,
+M

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

谁的年少不轻狂2024-10-12 14:23:32

上面的信息是正确的(您需要定位“errorMail”或 elmah 组的特定子部分)。然而,解决方案的代码比需要的要多......

这是一个仅使用“elmah/errorMail”的更干净的解决方案。解决方案:

string section = "elmah/errorMail";

Configuration config = WebConfigurationManager.OpenWebConfiguration(HttpRuntime.AppDomainAppVirtualPath);
// Let's work with the section 
ConfigurationSection configsection = config.GetSection(section);
if (configsection != null)
    // Only encrypt the section if it is not already protected
    if (!configsection.SectionInformation.IsProtected)
    {
        // Encrypt the <connectionStrings> section using the 
        // DataProtectionConfigurationProvider provider
        configsection.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
        config.Save();
    }

The information above is correct (that you need to target the "errorMail" or specific sub-section of the elmah group). However, the solution is more code than needed...

Here's a cleaner solution using just "elmah/errorMail". Solution:

string section = "elmah/errorMail";

Configuration config = WebConfigurationManager.OpenWebConfiguration(HttpRuntime.AppDomainAppVirtualPath);
// Let's work with the section 
ConfigurationSection configsection = config.GetSection(section);
if (configsection != null)
    // Only encrypt the section if it is not already protected
    if (!configsection.SectionInformation.IsProtected)
    {
        // Encrypt the <connectionStrings> section using the 
        // DataProtectionConfigurationProvider provider
        configsection.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
        config.Save();
    }
青衫负雪2024-10-12 14:23:32

我尝试使用 aspnet_regiis 但在指定部分路径时遇到问题。切换到基于代码的方法,我列举了这些部分和内容。了解到有SectionGroup,只有Sections可以加密,而Elmah是一个SectionGroup,所以我需要加密elmahSectionGroup下的errorMail部分。我比昨天知道的多了一点。

这是来自 global.asax.cs 的代码片段(如果对其他人有用的话):

    private static void ToggleWebEncrypt(bool Encrypt)
    {
        // Open the Web.config file.
        Configuration config = WebConfigurationManager.OpenWebConfiguration("~");

        //.... (protect connection strings, etc)

        ConfigurationSectionGroup gpElmah = config.GetSectionGroup("elmah");
        if (gpElmah != null)
        {
            ConfigurationSection csElmah = gpElmah.Sections.Get("errorMail");
            ProtectSection(encrypted, csElmah);
        }

        //.... other stuff
        config.Save();

    }


    private static void ProtectSection(bool encrypted, ConfigurationSection sec)
    {
        if (sec == null)
            return;
        if (sec.SectionInformation.IsProtected && !encrypted)
            sec.SectionInformation.UnprotectSection();
        if (!sec.SectionInformation.IsProtected && encrypted)
            sec.SectionInformation.ProtectSection("CustomProvider");
    }

I tried using aspnet_regiis but had trouble specifying the section path. Switching to a code based approach, I enumerated the sections & learned there are SectionGroups, that only Sections can be encrypted, and that Elmah is a SectionGroup, so I need to encrypt the errorMail section under the elmah SectionGroup. I know a little more than yesterday.

This is the snippet, if it's useful to someone else down the line, from global.asax.cs:

    private static void ToggleWebEncrypt(bool Encrypt)
    {
        // Open the Web.config file.
        Configuration config = WebConfigurationManager.OpenWebConfiguration("~");

        //.... (protect connection strings, etc)

        ConfigurationSectionGroup gpElmah = config.GetSectionGroup("elmah");
        if (gpElmah != null)
        {
            ConfigurationSection csElmah = gpElmah.Sections.Get("errorMail");
            ProtectSection(encrypted, csElmah);
        }

        //.... other stuff
        config.Save();

    }


    private static void ProtectSection(bool encrypted, ConfigurationSection sec)
    {
        if (sec == null)
            return;
        if (sec.SectionInformation.IsProtected && !encrypted)
            sec.SectionInformation.UnprotectSection();
        if (!sec.SectionInformation.IsProtected && encrypted)
            sec.SectionInformation.ProtectSection("CustomProvider");
    }
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文