Paul Maddox

Technical lead engineer specialising in Visual C++/C# for Internet security software from the Northwest of England Experience working in a globalised business and team; understanding of enterprise business operation and practices; experience reporting to executive management Skills in numerous languages and technologies; knowledge of formal software development lifecycle; experience of architecture design

Thursday, August 28, 2008

Encrypting ASP.NET web.config impersonation data

It always irked me that using impersonate for my ASP.NET web apps meant I had to expose the username and password in plain text. Eg./

<identity impersonate="true" username="BOB" password="NOTSOSECRET">

Luckily it irked someone at Microsoft too and they came out with a hotfix allowing the credentials to be stored in encrypted form in the registry.

http://support.microsoft.com/kb/329290

# posted by Paul Maddox @ 12:13 PM 0 Comments

Subscribe to Posts [Atom]

Links

• Google News
• Edit-Me
• Edit-Me

Archives

• November 2005
• April 2006
• September 2006
• October 2006
• January 2007
• March 2007
• May 2007
• June 2007
• August 2007
• November 2007
• March 2008
• May 2008
• August 2008
• November 2008
• December 2008