How can read encrypted connection string in roleManager ASP.NET

Question

pls help, i don't know how to use a Encrypted ConnectionString with RoleManager in ASP.NET This is code in Web.config.

<connectionStrings>
    <add name="strConnectionString" connectionString="eF8w9r2UJOsk0Ps3pxmV7/Fy/xPR2hN2S7BrC1iOYNnAUaI8AqkSm5bw7r+ta4sePWSV9t/3Spnpz6wsFpvMmcppNpqM5Zk7iiDqWVgIV4k="/>    
</connectionStrings>

<roleManager enabled="true" defaultProvider="CustomizedRoleProvider">
  <providers>
    <add connectionStringName="strConnectionString" name="CustomizedRoleProvider" type="System.Web.Security.SqlRoleProvider" />
  </providers>
</roleManager>   
<membership defaultProvider="CustomizedMembershipProvider">
  <providers>
    <add connectionStringName="strConnectionString" name="CustomizedMembershipProvider" type="System.Web.Security.SqlMembershipProvider"/>
  </providers>
</membership>

And in project I create a library to read web config

private const string ConnectionStringKey = "strConnectionString";
private readonly string SQLConnectionString =
   Security.DecryptString(ConfigurationManager.ConnectionStrings[ConnectionStringKey].ConnectionString);

if I change my ConnectionString like this, it's working:

 <add name="strConnectionString" connectionString="server=My-PC\\MSSQL2008; database=MyDB; uid=sa; pwd=passw0rd;"/>

But I want my ConnectionString Encrypted so i use

<add name="strConnectionString" connectionString="eF8w9r2UJOsk0Ps3pxmV7/Fy/xPR2hN2S7BrC1iOYNnAUaI8AqkSm5bw7r+ta4sePWSV9t/3Spnpz6wsFpvMmcppNpqM5Zk7iiDqWVgIV4k="/>

So when i running website it throw error:

System.ArgumentException:Keyword not supported: 'eF8w9r2UJOsk0Ps3pxmV7/Fy/xPR2hN2S7BrC1iOYNnAUaI8AqkSm5bw7r+ta4sePWSV9t/3Spnpz6wsFpvMmcppNpqM5Zk7iiDqWVgIV4k='.
Line 46:   string[] roleNames;
Line 47:   roleNames = Roles.GetAllRoles();

Any one help me find it out or any suggestion ?

related http://stackoverflow.com/questions/1706613/encrypting-connection-string-in-web-config?rq=1 — Amitd, Oct 20 '12 at 08:33
Sorry may you don't understand my question, i don't talk about how to encrypt ConnectionString or add Membership Provider to an existed database. My problem is how to use Encrypted ConnectionString with RoleManager. Are you try it before ? — Kentazy, Oct 20 '12 at 08:45
i haven't but dont think "connectionstring" can have that format/syntax. — Amitd, Oct 20 '12 at 08:53

score 0 · Answer 1 · answered Oct 22 '12 at 23:46

Why not just use Protected Configuration? It's built in for you.

If you really want to use your own, how did you create your encrypted string? I assume you're using a third-party library like this one, since that method doesn't exist in the System.Security namespace. My guess would be that you encrypted it in a way that supplied the key, but when decrypting, you aren't using the same key, or the Decrypt method is just broken. It's really hard to tell without knowing more about the library.

score 0 · Answer 2 · answered Oct 23 '12 at 00:33

I'm not sure this has anything to do with the fact you're using the Roles Membership provider.

You are asking for a ConnectionStringSettings object before you have decrypted the value;

ConfigurationManager.ConnectionStrings[ConnectionStringKey].ConnectionString

The code is trying to automatically parse the keyword pairs it would normally find in an unencrypted connection string. The error you have is that it doesn't recognise a keyword as your encrypted version doesn't have any keyword pairs.

You need to get the config value, decrypt it and then create the ConnectionStringSettings object it represents. You can then access the ConnectionString property from that.

Assuming your decrypt method has access to the necessary encryption keys try something like this;

  string ConnectionStringKey = "strConnectionString";
  string encryptedConnection = ConfigurationManager.ConnectionStrings[ConnectionStringKey].ToString();
  string unencryptedConnection = Security.DecryptString(encryptedConnection);

  ConnectionStringSettings connection = new ConnectionStringSettings("SQL", unencryptedConnection);
  string SQLConnectionString = connection.ConnectionString;

You should probably wrap this in some exception handling but I hope you get the idea.

score 0 · Answer 3 · answered Oct 23 '12 at 06:42

@SilverbackNet: yes, look like the same you talk, in the library I have a class security with both Encrypt and Decrypt methods. When connect to DB I using my SQLHelper to get config value and Decrypt it. All project work with no problem. But when I working with Role and Membership, I found that can't use default config RoleManager and Membership as you said the method to read ConnectionString Encrypted doesn't exist in the System.Security namespace. So I should make another way to recreate RoleProvider and MembershipProvider override all methods. In the Web.config will be change like that:

namespace Library.Roles
{
  public class MyRoleProvider : RoleProvider
  {
     //code override all method in Roles
  }
}

namespace Library.Membership
{
  public class MyMembershipProvider : MembershipProvider
  {
     //code override all method in MembershipProvider
  }
}

web.config

 <roleManager enabled="true" defaultProvider="MyRoleProvider">
      <providers>
        <add connectionStringName="strConnectionString" name="MyRoleProvider" type="Library.Roles.MyRoleProvider" />
      </providers>
    </roleManager>   
    <membership defaultProvider="MyMembershipProvider">
      <providers>
        <add connectionStringName="strConnectionString" name="MyMembershipProvider" type="Library.Membership.MyMembershipProvider"/>
      </providers>
    </membership>

How can read encrypted connection string in roleManager ASP.NET

3 Answers3