0

I'm having a Library Application in C#. It contains all EDMX files and Database accessing methods. I created one Console application, in that I refereed that Library DLL to access the methods. But the console application expects the Connection String in local App.Config file. I need a Security, how to access the DLL without specifying the Connection String in the Console Application ?

Is there is any other way is there to achieve the requirement. Kindly assist me.

B.Balamanigandan
  • 4,713
  • 11
  • 68
  • 130
  • It is common to use integrated security so you don't need to put a username and password in the connection string. Are you also trying to hide the server and database name? The only way to truly hide this from the user is to use a distributed service for data access, don't do it from the application directly. – Crowcoder Dec 02 '16 at 13:12

1 Answers1

1

You must provide the connection string in order to access the database. If you can't use integrated security then I suggest you to keep keep the connection string encrypted in the app.config file, in the <appSettings></appSettings> section and decrypt it in the console app before sending it to the business layer.

Consult this answer for how to encrypt/decrypt strings: Simple two way encryption for C#

Community
  • 1
  • 1
Marjan Slavkovski
  • 633
  • 1
  • 7
  • 20
  • If your app can decrypt it, then a savvy user can too. – Crowcoder Dec 02 '16 at 13:25
  • If savvy user can't then NSA will certainly do. But let's get back to the problem here. – Marjan Slavkovski Dec 02 '16 at 13:48
  • If you store the key such that you can decrypt it then you have the same problem as connection string. – Crowcoder Dec 02 '16 at 13:51
  • That's why people invented public and private keys, there are thousands of encryption algorithms. If you can help the guy that posted the question then please feel free to do so. Otherwise any non-related comments are not necessary. – Marjan Slavkovski Dec 02 '16 at 13:54
  • I am trying to help. It is the private key that decrypts, you don't give that to someone you are trying to hide the data from. – Crowcoder Dec 02 '16 at 14:04