Is it possible to store encrypted connection string so it can be used from server-side vbscript? Was there an equivalent of web.config in 'the good old days'?
+3
A:
As I dust off the ol' memory banks...
I recall that in classic ASP systems, we would put the connection string (and most other config settings) in the Windows registry, in a custom registry key for the web app. We'd use a COM DLL to read the settings.
You can encrypt the connection string that is stored in the registry, but you will have to roll your own encryption/decryption.
So the answer is yes, it is definitely possible, but there is no easy tooling built into the framework to encrypt/decrypt on the fly, you have to do it yourself.
Guy Starbuck
2008-12-03 16:17:59
You don't need the registry, a file would do the key thing is a DLL gives you a fighting chance of hiding the means of decryption.
AnthonyWJones
2008-12-05 16:51:32
+2
A:
.Net has all the encryption and decryption code built in so the easiest way to encrypt the string is to use the .Net encryption/decryption functions. Create a .Net component that does the decription and a COM callable wrapper for it which should register it. Then call it from your ASP page.