Encrypting ASP.NET web.config impersonation data
It always irked me that using impersonate for my ASP.NET web apps meant I had to expose the username and password in plain text. Eg./
<identity impersonate="true" username="BOB" password="NOTSOSECRET">
Luckily it irked someone at Microsoft too and they came out with a hotfix allowing the credentials to be stored in encrypted form in the registry.
http://support.microsoft.com/kb/329290
<identity impersonate="true" username="BOB" password="NOTSOSECRET">
Luckily it irked someone at Microsoft too and they came out with a hotfix allowing the credentials to be stored in encrypted form in the registry.
http://support.microsoft.com/kb/329290
posted by . @ 12:13 PM
0 Comments
