ASP.NET 4
I've used RSA key encryption for connection strings in web.config on my web farm. However, there's one more custom password entry that I'd like to encrypt. How should I encrypt it with RSA key without having the rest configurations being encrypted. Please advise, thanks.
Example:
<appSettings>
...
<add key="Host" value="www.foo.com" />
<add key="Token" value="qwerqwre" />
<add key="AccountId" value="123" />
<add key="DepartmentId" value="456" />
<add key="Password" value="asdfasdf" />
<add key="SessionEmail" value="foo#foo.com" />
<add key="DefaultFolder" value="789" />
</appSettings>
You could put the password into a separate section and encrypt this section only. For example:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</configSections>
<appSettings>
<add key="Host" value="www.foo.com" />
<add key="Token" value="qwerqwre" />
<add key="AccountId" value="123" />
<add key="DepartmentId" value="456" />
<add key="SessionEmail" value="foo#foo.com" />
<add key="DefaultFolder" value="789" />
</appSettings>
<secureAppSettings>
<add key="Password" value="asdfasdf" />
</secureAppSettings>
</configuration>
and then (note that I am using DPAPI in my example so adapt the provider for RSA):
aspnet_regiis -pef secureAppSettings . -prov DataProtectionConfigurationProvider
Once encrypted the file will look like this:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<section name="secureAppSettings" type="System.Configuration.NameValueSectionHandler, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</configSections>
<appSettings>
<add key="Host" value="www.foo.com" />
<add key="Token" value="qwerqwre" />
<add key="AccountId" value="123" />
<add key="DepartmentId" value="456" />
<add key="SessionEmail" value="foo#foo.com" />
<add key="DefaultFolder" value="789" />
</appSettings>
<secureAppSettings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd.......</CipherValue>
</CipherData>
</EncryptedData>
</secureAppSettings>
</configuration>
The way you would access those settings in your application once the file is encrypted is still the same and completely transparent:
var host = ConfigurationManager.AppSettings["Host"];
var password = ConfigurationManager.AppSettings["Password"];
In c# and .Net 4.5 I had to use this to read the encrypted setting:
string password = ((System.Collections.Specialized.NameValueCollection)ConfigurationManager.GetSection("secureAppSettings"))["Password"];
but otherwise works a treat.
You can't encrypt a single entry - the infrastructure only allows for encryption of whole config sections.
One option is to place the entry in its own config section and encrypt that.
Related
I am working on an asp.net console application , and i am trying to add a custom app settings section to encrypt it, as follow:-
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<customAppSettingsGroup>
<customAppSettings>
<add key="KeyOne" value="****" />
</customAppSettings>
</customAppSettingsGroup>
<appSettings>
<add key="ConcurrentRequests" value="100" />
<add key="ApiLimit" value="100" />
<add key="FullScanDay" value="Tuesday" />
<add key="logsFilePath" value="C:\logslogs\" />
<add key="TPSFilePathAndName" value="C:\ctps_ns.txt" />
<add key="PhoneNumberLength" value="11" />
</appSettings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
</startup>
</configuration>
but when i run the console application i will get this error:-
ConfigurationErrorsException: Unrecognized configuration section customAppSettingsGroup.
any advice?
EDIT-
I tried this inside my app.config:-
<configuration>
<configSections>
<sectionGroup name="customAppSettingsGroup">
<section name="customAppSettings"
type="System.Configuration.NameValueSectionHandler,System" />
</sectionGroup>
</configSections>
<customAppSettingsGroup>
<customAppSettings>
<add key="KeyOne" value="****" />
</customAppSettings>
</customAppSettingsGroup>
<appSettings>
<add key="ConcurrentRequests" value="100" />
<add key="ApiLimit" value="100" />
<add key="FullScanDay" value="Tuesday" />
<add key="logsFilePath" value="C:\logslogs\" />
<add key="TPSFilePathAndName" value="C:\ctps_ns.txt" />
<add key="PhoneNumberLength" value="11" />
</appSettings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
</startup>
</configuration>
but when i try to access the section using this code:-
NameValueCollection settings = ConfigurationManager.GetSection("customAppSettingsGroup/customAppSettings") as System.Collections.Specialized.NameValueCollection;
i got this exception:-
Could not load file or assembly 'System' or one of its dependencies.
The system cannot find the file specified.'
Try it this way
<configuration>
<configSections>
<sectionGroup name="customAppSettingsGroup">
<section name="customAppSettings"
type="System.Configuration.NameValueSectionHandler,System" />
</sectionGroup>
</configSections>
<customAppSettingsGroup>
<customAppSettings>
<add key="KeyOne" value="****" />
</customAppSettings>
</customAppSettingsGroup>
<appSettings>
<add key="ConcurrentRequests" value="100" />
<add key="ApiLimit" value="100" />
<add key="FullScanDay" value="Tuesday" />
<add key="logsFilePath" value="C:\logslogs\" />
<add key="TPSFilePathAndName" value="C:\ctps_ns.txt" />
<add key="PhoneNumberLength" value="11" />
</appSettings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
</startup>
</configuration>
I have multiple environments and it needs the specific username and password to login. I will select the environment from a drop down list(DEV, UAT, PRD). So when I click an environment from the drop down list, it should store the username and password of the identified environment in the cs file.
In my web.config file:
<add key="DEPTA_DEV_cbUserName" value="owjfe8" />
<add key="DEPTA_DEV_cbPassw" value="HkvdC" />
<add key="DEPTB_DEV_cbUserName" value="qwrwr23" />
<add key="DEPTB_DEV_cbPassw" value="bgfbbbd" />
<add key="DEPTA_UAT_cbUserName" value="qatsze1" />
<add key="DEPTA_UAT_cbPassw" value="wswe4rx2" />
<add key="DEPTB_UAT_cbUserName" value="eyyyiidc3" />
<add key="DEPTB_UAT_cbPassw" value="rftytv4" />
<add key="DEPTA_PRD_cbUserName" value="tgy6utyygb3" />
<add key="DEPTA_PRD_cbPassw" value="yhfhdfhn6" />
<add key="DEPTB_PRD_cbUserName" value="ujhfdhdfdm7" />
<add key="DEPTB_PRD_cbPassw" value="plmhy99" />
In my .cs file:
string userName = WebConfigurationManager.AppSettings[];
what should be in the .AppSettings[] bracket?
We've just installed Application Insights on our server.
Everything seems to be working fine, but exceptions thrown on the server is not showing up in the portal.
We're logging exceptions with our custom tool, but we wanted to be able to see them in AI too, especially the unhandled ones.
It's a plain installation of the AI agent, on a Windows Server 2012.
ApplicationInsigts.confg:
<?xml version="1.0" encoding="utf-8"?>
<ApplicationInsights xmlns="http://schemas.microsoft.com/ApplicationInsights/2013/Settings" schemaVersion="2014-05-30">
<!--
Learn more about Application Insights configuration with ApplicationInsights.config here:
http://go.microsoft.com/fwlink/?LinkID=392530
-->
<TelemetryChannel>
<DeveloperMode>false</DeveloperMode>
</TelemetryChannel>
<TelemetryModules>
<Add Type="Microsoft.ApplicationInsights.Tracing.DiagnosticsTelemetryModule, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Web.RequestTracking.TelemetryModules.WebRequestTrackingTelemetryModule, Microsoft.ApplicationInsights.Web" />
<Add Type="Microsoft.ApplicationInsights.Web.RequestTracking.TelemetryModules.WebExceptionTrackingTelemetryModule, Microsoft.ApplicationInsights.Web" />
<Add Type="Microsoft.ApplicationInsights.Web.RequestTracking.TelemetryModules.WebSessionTrackingTelemetryModule, Microsoft.ApplicationInsights.Web" />
<Add Type="Microsoft.ApplicationInsights.Web.RequestTracking.TelemetryModules.WebUserTrackingTelemetryModule, Microsoft.ApplicationInsights.Web" />
<Add Type="Microsoft.ApplicationInsights.RuntimeTelemetry.RemoteDependencyModule, Microsoft.ApplicationInsights.RuntimeTelemetry" />
<Add Type="Microsoft.ApplicationInsights.RuntimeTelemetry.ApmcModule, Microsoft.ApplicationInsights.RuntimeTelemetry" />
</TelemetryModules>
<ContextInitializers>
<Add Type="Microsoft.ApplicationInsights.Contexts.ComponentContextInitializer, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Contexts.DeviceContextInitializer, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Web.AzureRoleEnvironmentContextInitializer, Microsoft.ApplicationInsights.Web" />
</ContextInitializers>
<TelemetryInitializers>
<Add Type="Microsoft.ApplicationInsights.Core.TimestampPropertyInitializer, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Contexts.NetBiosMachineNameTelemetryInitializer, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Contexts.OperatingSystemTelemetryInitializer, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Contexts.ProcessIdTelemetryInitializer, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Contexts.ProcessNameTelemetryInitializer, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Contexts.ThreadIdTelemetryInitializer, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Contexts.ThreadLanguageTelemetryInitializer, Microsoft.ApplicationInsights" />
<Add Type="Microsoft.ApplicationInsights.Web.TelemetryInitializers.WebOperationNameTelemetryInitializer, Microsoft.ApplicationInsights.Web" />
<Add Type="Microsoft.ApplicationInsights.Web.TelemetryInitializers.WebOperationIdTelemetryInitializer, Microsoft.ApplicationInsights.Web" />
</TelemetryInitializers>
<InstrumentationKey>....</InstrumentationKey>
<ResourceID>.....</ResourceID>
<StatusMonitor>0.10.0-build23829</StatusMonitor>
</ApplicationInsights>
There is a blog post that describes what is collected out of the box and what you need to do in other cases: http://blogs.msdn.com/b/visualstudioalm/archive/2014/12/12/application-insights-exception-telemetry.aspx
AI will not see the exceptions that you may have handled in any global exception handlers. I suspect that may be contributing to what you find. If you do use global exception handlers, you could use the TrackException from AI SDK in the handler, that will then send them to AI.
I have both a dev and prod environment set up on two different virtual directories on the same virtual machine and following Configuring Multiple WMS Instances to try and get them both set up properly. They appear to be working fine as I can see workflow instances being persisted in for the appropriate environments based on the client that is connecting to them. The problem comes in trying to view the persisted instances within IIS Manager. I get the following errors:
IIS Error Displayed when trying to look at persisted instances
Error message presented when clicking on "Error(s) encountered" link
(* I appologize, I don't know how to upload images directly into this post *)
The relevant configuration files I have are as follows:
Default Web.Config
<microsoft.applicationServer>
<monitoring lockElements="bulkCopyProviders, collectors">
<bulkCopyProviders>
<bulkCopyProvider providerName="System.Data.SqlClient" type="Microsoft.ApplicationServer.Monitoring.EventCollector.SqlServerBulkCopy, Microsoft.ApplicationServer.Monitoring, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</bulkCopyProviders>
<collectors>
<collector name="" session="0">
<settings retryCount="5" eventBufferSize="10000" retryWait="00:00:15" samplingInterval="00:00:05" aggregationEnabled="true" />
</collector>
</collectors>
<default enabled="true" connectionStringName="ProductionApplicationServerMonitoringConnectionString" monitoringLevel="HealthMonitoring" />
</monitoring>
<persistence>
<instanceStoreProviders lockItem="true">
<add name="SqlPersistenceStoreProvider" storeProvider="Microsoft.ApplicationServer.StoreProvider.Sql.SqlWorkflowInstanceStoreProvider, Microsoft.ApplicationServer.StoreProvider, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" storeControlProvider="Microsoft.ApplicationServer.StoreManagement.Sql.Control.SqlInstanceControlProvider, Microsoft.ApplicationServer.StoreManagement, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" storeQueryProvider="Microsoft.ApplicationServer.StoreManagement.Sql.Query.SqlInstanceQueryProvider, Microsoft.ApplicationServer.StoreManagement, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</instanceStoreProviders>
<workflowManagement>
<workflowManagementServiceInstances lockItem="true">
<workflowManagementServiceInstance name="">
<instanceStores>
<instanceStore name="productionSqlPersistenceStore" location="Workflows.Prod" />
</instanceStores>
</workflowManagementServiceInstance>
<workflowManagementServiceInstance name="Dev">
<instanceStores>
<instanceStore name="devSqlPersistenceStore" location="Workflows.Dev" />
</instanceStores>
</workflowManagementServiceInstance>
</workflowManagementServiceInstances>
</workflowManagement>
<instanceStores>
<add name="devSqlPersistenceStore" provider="SqlPersistenceStoreProvider" connectionStringName="ApplicationServerWorkflowInstanceStoreConnectionString" />
<add name="productionSqlPersistenceStore" provider="SqlPersistenceStoreProvider" connectionStringName="ProductionApplicationServerWorkflowInstanceStoreConnectionString" />
</instanceStores>
</persistence>
<hosting>
<serviceManagement endpointConfiguration="ServiceManagementNetPipeEndpoint" enabled="true" authorizedWindowsGroup="AS_Administrators" />
</hosting>
</microsoft.applicationServer>
<connectionStrings>
<add connectionString="BigSecret" name="ApplicationServerMonitoringConnectionString" />
<add connectionString="BigSecret" name="ApplicationServerWorkflowInstanceStoreConnectionString" />
<add connectionString="BigSecret" name="ProductionApplicationServerMonitoringConnectionString" />
<add connectionString="BigSecret" name="ProductionApplicationServerWorkflowInstanceStoreConnectionString" />
</connectionStrings>
Production Web.Config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<protocolMapping>
<remove scheme="net.pipe" />
</protocolMapping>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" />
<sqlWorkflowInstanceStore instanceCompletionAction="DeleteAll" instanceEncodingOption="None" instanceLockedExceptionAction="NoRetry" connectionStringName="ProductionApplicationServerWorkflowInstanceStoreConnectionString" hostLockRenewalPeriod="00:00:30" runnableInstancesDetectionPeriod="00:00:05" />
<workflowInstanceManagement authorizedWindowsGroup="AS_Administrators" />
<workflowUnhandledException action="AbandonAndSuspend" />
<workflowIdle timeToPersist="00:00:00" timeToUnload="00:01:00" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
<microsoft.applicationServer>
<monitoring lockElements="bulkCopyProviders, collectors">
<default enabled="true" connectionStringName="workflowStoreConnectionString" monitoringLevel="HealthMonitoring" />
</monitoring>
<persistence>
<instanceStores>
<remove name="defaultSqlPersistenceStore" />
<add name="defaultSqlPersistenceStore" provider="SqlPersistenceStoreProvider" connectionStringName="workflowStoreConnectionString" />
</instanceStores>
</persistence>
<hosting>
<serviceManagement endpointConfiguration="ServiceManagementNetPipeEndpoint" enabled="false" />
</hosting>
</microsoft.applicationServer>
<connectionStrings>
<add connectionString="BigSecret" name="workflowStoreConnectionString" />
</connectionStrings>
</configuration>
Dev Web.Config - Same as Production but with different connection string
Any help in resolving the error messages and being able to view the persisted instances is appreciated. TIA. JH
Turns out the issue was the result of the msi installer not properly running the sql scripts, failing silently and thus missing some of the tables. Re-running the scripts manually (Create_Persistence_Schema.sql, Create_Persistence_Logic.sql, Create_Monitoring_Schema.sql and Create_Monitoring_Logic.sql located in C:\windows\System32\AppFabric\Schema) corrected the issue.
Currently my web.config has this:
<appSettings>
<add key="UserName" />
<add key="DBServer" />
<add key="DBUserName" />
<add key="DBPwd" />
<add key="DB" />
</appSettings>
If i have to connect to multiple db's I would like my web.config to have the following
<appSettings>
<add key="UserName" />
<add key="DBServer" />
<add key="DBUserName" />
<add key="DBPwd" />
<add key="DB" />
</appSettings>
<!--This section needs to hold data for another db server -->
<appSettings>
<add key="UserName" />
<add key="DBServer" />
<add key="DBUserName" />
<add key="DBPwd" />
<add key="DB" />
</appSettings>
The key names should be the same. Or is having multiple connection string sections the way to go?
You should use the <connectionStrings> section for this, it's exactly what it was designed to do :)
You can find more resources on MSDN for how to access your connection strings in this section.