Developers can now protect their connection strings from prying eyes in the .config file when using Paladin with a new tool called CSEncrypt. They can define Connection Decryption Keys (CDK) and keep them within their application. The framework will generate a pair of irreversible keys for the encryption/decryption. The task of protecting the CDK will be the responsibility of the developer.
The connection string in the config file will look something like the following:
To decrypt the connection, the following line is required:
Paladin.Configuration.DatabaseSectionHandler
.ConnectionDecryptKey = "MySecretKey";
In the Entity class, just put the following line in the constructor:
base.ConnectionName = "encrypted";
// where 'encrypted' is the name defined in the .config file.
That's all to it!
P.S. This feature will be publicly available in the 0.8.8 release.
5 comments:
This sounds like interesting. I was thinking about encrypting my config file and you came up with this. Nice timing!
Wei wei... no freeloading ah :p
Maybe I should make it LGPL. That should make you OSS your application as well or get you to contribute back to the project :p
Hahaha....no lar. I'm not "curi-ing" the code. ;)
Why don't you contribute some code? :)
How?
Post a Comment