views:

2256

answers:

5

I have a console capplication that runs on the same computer that hosts a bunch of web.config files. I need the console application to open each web.config file and decrypt the connection string and then test if the connection string works.

The problem I am running into is that OpenExeConfiguration is expecting a winforms application configuration file (app.dll.config) and OpenWebConfiguration needs to be run through IIS. Since this is my local machine, I'm not running IIS (I use Visual Studio's built-in server).

Is there a way I can open the web.config files while still getting the robustness of .NET's capabilities to decrypt the connectionstrings?

Thanks

Update The OpenWebConfiguration works if you are querying IIS directly or are the website in question that you want to look up the web.config for. What I am looking to accomplish is the same sort of functionality, but from a console application opening up the web.config file of a website on my same machine not using an IIS query because IIS isn't running on my machine.

+2  A: 

The when the ConfigurationManager class grab a section from the config file, it has an "IsProtected" property that it can infer for a given section that you grab. If it is protected, you can then Unprotect it using some code.

The basic method for encrypting/decrypting goes like this (taken from article link below):

private void ProtectSection(string sectionName, string provider)
{
    Configuration config =
        WebConfigurationManager.
            OpenWebConfiguration(Request.ApplicationPath);

    ConfigurationSection section =
                 config.GetSection(sectionName);

    if (section != null &&
              !section.SectionInformation.IsProtected)
    {
        section.SectionInformation.ProtectSection(provider);
        config.Save();
    }
}

private void UnProtectSection(string sectionName)
{
    Configuration config =
        WebConfigurationManager.
            OpenWebConfiguration(Request.ApplicationPath);

    ConfigurationSection section =
              config.GetSection(sectionName);

    if (section != null &&
          section.SectionInformation.IsProtected)
    {
        section.SectionInformation.UnprotectSection();
        config.Save();
    }
}

Check out this article for the full details on working with this.

Dillie-O
Hi,I understand how to test for protected sections, the problem is that I'm trying to open a web.config file from a console application. The example you provided shows a web application opening its own web.config file.
Josh
+1 late in arrival, since i used the methods you submitted in your answer seems like i should give you an upvote.
Jeff Martin
A: 

I think you want to use WebConfigurationManager class with its OpenWebConfiguration method.

It takes a path to the web.config and should open it just like it would in a HTTPContext based application.

Jeff Martin
+7  A: 

Ok I got it... compiled and accessed this so i know it works...

      VirtualDirectoryMapping vdm = new VirtualDirectoryMapping(@"C:\test", true);
            WebConfigurationFileMap wcfm = new WebConfigurationFileMap();
            wcfm.VirtualDirectories.Add("/", vdm);


            // Get the Web application configuration object.
            Configuration config = WebConfigurationManager.OpenMappedWebConfiguration(wcfm, "/");

            ProtectSection(config, @"connectionStrings", "DataProtectionConfigurationProvider");

This is assuming you have a file called web.config in a directory called C:\Test.

I adjusted @Dillie-O's methods to take a Configuration as a parameter.

You must also reference System.Web and System.configuration and any dlls containing configuration handlers that are set up in your web.config.

Jeff Martin
Sweet! Thanks for the help~
Josh
I only mention this because you are new (by the points you have) you can also upvote my answer in addition to marking it the right one.
Jeff Martin
A: 

I Don't Know Guys , if you have give me that ans .

M.Anand
A: 

Excellent...answered my question precisely!