Set Authentication for webconfig
-
Hi Friends, I need a help.In my application i set the connectionstrings and all settings in webconfig file.But anyone can edit teh webconfig.Is there any option to protect the webconfig editing in .net application as in access database.If anyone tries to edit the webconfig ask username and password.If the entered username and password is correct only the user have to edit the whole webconfig. Send some queries to solve it.Because after publishing alos if anyone tries he can simply edit the webconfig.So i think in this way.
-
Hi Friends, I need a help.In my application i set the connectionstrings and all settings in webconfig file.But anyone can edit teh webconfig.Is there any option to protect the webconfig editing in .net application as in access database.If anyone tries to edit the webconfig ask username and password.If the entered username and password is correct only the user have to edit the whole webconfig. Send some queries to solve it.Because after publishing alos if anyone tries he can simply edit the webconfig.So i think in this way.
Does he has access to the server in which your application is hosted ? Its impossible to access the web config and machine config file from browser...
Regards, Vengat P
-
Does he has access to the server in which your application is hosted ? Its impossible to access the web config and machine config file from browser...
Regards, Vengat P
Not from the browser sir.If anyone open the config file in the application ask username and password first and if both are correct only he can edit the config files in the application.
-
Hi Friends, I need a help.In my application i set the connectionstrings and all settings in webconfig file.But anyone can edit teh webconfig.Is there any option to protect the webconfig editing in .net application as in access database.If anyone tries to edit the webconfig ask username and password.If the entered username and password is correct only the user have to edit the whole webconfig. Send some queries to solve it.Because after publishing alos if anyone tries he can simply edit the webconfig.So i think in this way.
You can encrypt sections of the web.config file: http://weblogs.asp.net/scottgu/archive/2006/01/09/434893.aspx[^]
-
You can encrypt sections of the web.config file: http://weblogs.asp.net/scottgu/archive/2006/01/09/434893.aspx[^]
Thanks for your kind reply sir.Actually my question is not that.We can secure the access database file by setting username and password.When anyone tries to open the file they ask password.Like that is there any way to secure my webconfig file in an application.If anyone tries to open the config file ask password(not in browser) and if teh password is correct only he can open the config file.Please i need that secureation.Not encrypting teh connectionstrings and not.
-
Thanks for your kind reply sir.Actually my question is not that.We can secure the access database file by setting username and password.When anyone tries to open the file they ask password.Like that is there any way to secure my webconfig file in an application.If anyone tries to open the config file ask password(not in browser) and if teh password is correct only he can open the config file.Please i need that secureation.Not encrypting teh connectionstrings and not.
If your server is properly secured you shouldn't have this problem. Make sure that only the relevant personel can log in to the server, or if it is shared, restrict write access on the web.config file to specific users using standard windows security.