ASP.NET 包括两个内置的受保护配置提供程序:RSA 和 DPAPI DPAPI 提供程序使用特定于计算机的密钥,因此您必须在每台计算机上实际加密配置设置。默认使用的 RSA 提供程序允许您选择创建 RSA 密钥并将其安装在其他计算机上,这样您就可以在这些计算机之间复制相同的配置文件。此外,您还可以安装其他受保护配置提供程序供系统使用。
调 用配置管理 API 可透明地使用加密的节,因为该 API 自动处理加密和解密。若要通过编程方式将配置节设置为加密的,可获取 ConfigurationSection.SectionInformation 属性,然后传入您选择的保护提供程序调用 ProtectSection 方法。若要使用默认提供程序,可以传入 null 或空字符串。UnprotectSection 方法禁用配置节的加密。
下面的示例演示如何以编程方式对配置节进行加密,配置 API 如何自动处理加密的节。
<%
@ Import Namespace
=
"
System.Configuration
"
%>
<%
@ Import Namespace
=
"
System.Web.Configuration
"
%>
<%
@ Import Namespace
=
"
System.Xml
"
%>
<
script runat
=
"
server
"
language
=
"
C#
"
>
public
void
Page_Load(
object
source, EventArgs e)
...
{
if (!IsPostBack) ...{
UpdateUI();
}
}
void
ProtectButton_OnClick(Object source, EventArgs e)
...
{ String path = Request.CurrentExecutionFilePath; path = path.Substring(0, path.LastIndexOf('/')); // Get configuration. Configuration config = WebConfigurationManager.OpenWebConfiguration(path); ConfigurationSection appSettings = config.GetSection("appSettings"); if (appSettings.SectionInformation.IsProtected) ...{ appSettings.SectionInformation.UnprotectSection(); } else ...{ appSettings.SectionInformation.ProtectSection("DataProtectionConfigurationProvider"); } try ...{ config.Save(); UpdateUI(); } catch (Exception ex) ...{ Response.Write("In order to modify configuration settings, the ASP.NET process account (either the local ASPNET or Network Service account, by default) "); Response.Write("must have write permission granted for the Web.config file in the sample directory"); } }
void
UpdateUI()
...
{ String path = Request.CurrentExecutionFilePath; path = path.Substring(0, path.LastIndexOf('/')); // Get configuration. Configuration config = WebConfigurationManager.OpenWebConfiguration(path); // Show XML for app settings. ConfigurationSection appSettings = config.GetSection("appSettings"); // Set protect button appropriately. if (appSettings.SectionInformation.IsProtected) ...{ Encrypted.Text = "Yes"; ProtectButton.Text = "Unprotect"; } else ...{ Encrypted.Text = "No"; ProtectButton.Text = "Protect"; } // Show XML for app settings. AppSettingsXml.Text = " " + Server.HtmlEncode(appSettings.SectionInformation.GetRawXml()); // Load XML directly from config file, to show encrypted XML. String configPath = Server.MapPath("web.config"); XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; doc.Load(configPath); XmlNode appSettingsXml = doc.SelectSingleNode("configuration/appSettings"); AppSettingsEncrypted.Text = " " + Server.HtmlEncode(appSettingsXml.OuterXml); }
</
script
>
<
html
>
<
head
>
<
title
>
Encrypted Configuration Sections
</
title
>
</
head
>
<
body
>
<
form id
=
"
form1
"
runat
=
"
server
"
>
<
div
>
<
h2
>
Encrypted:
<
asp:Label runat
=
"
server
"
id
=
"
Encrypted
"
/></
h2
><
asp:Button runat
=
"
server
"
id
=
"
ProtectButton
"
OnClick
=
"
ProtectButton_OnClick
"
/>
<
h2
>
Current XML (decrypted):
</
h2
>
<
pre
>
<
asp:Label runat
=
"
server
"
ID
=
"
AppSettingsXml
"
/>
</
pre
>
<
h2
>
Encrypted contents:
</
h2
>
<
pre
>
<
asp:Label runat
=
"
server
"
ID
=
"
AppSettingsEncrypted
"
/>
</
pre
>
</
div
>
</
form
>
</
body
>
</
html
>
对应配置文件如下:
<?
xml version
=
"
1.0
"
encoding
=
"
utf-8
"
?>
<
configuration
>
<
configProtectedData
/>
<
appSettings
>
<
add key
=
"
currencyService
"
value
=
"
http://www.microsoft.com/services/currencyService.asmx
"
/>
<
add key
=
"
creditCardValidationService
"
value
=
"
http://www.microsoft.com/services/cc.asmx
"
/>
</
appSettings
>
</
configuration
>
效果如图:
548
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
