views:

326

answers:

0

I have searched around Google and Stackoverflow but can't seen to come up with a solution for editing the web.config to encrypt and store a SQL Server connection string for an installation script.

The link at Accessing the web.config in Medium trust seems to suggest that the following code would work instead of OpenWebConfiguration, however this is not working on the local development server (running Medium Trust) or at Rackspace Cloud (formerly Mosso).

String cfgpath = Server.MapPath(@"/web.config");
cfg = System.Configuration.ConfigurationManager.OpenExeConfiguration(cfgpath);

Rackspoace Cloud can be setup to save files using Impersonation, however I am still receiving the "An error occurred loading a configuration file: Request for the permission of type 'System.Security.Permissions.FileIOPermission" error when catching the ConfigurationErrorsException.

Any ideas how I can edit the web.config to encrypt and store the SQL Server connection string during the installation script?

Update #1 It seems both DpapiProtectedConfigurationProvider and RsaProtectedConfigurationProvider require FullTrust. Are there any other solutions to protect the Web.config file further when using MediumTrust?