Ask a Question related to ASP.NET Security, Design and Development.
-
Mike #1
Application Object
How easy is it for a hacker to access data stored in the Application Object in IIS server. I want to store a decrpyted connection string there rather that decrypting it everytime I access the database. Currently I use dpapi on a encryption key stored in the registry the use the encrytion key to decrypt the connection string. Using windows authentication is not an option since the iis server is in the dmz
Thanks
Mike Guest
-
Object in application state
If have an object with a variable i stored in the application state in the asp.net application. Is there a way to force this object in the... -
When to lock application object
I know you should lock and unlock an application vaiable when updating it but should you also lock it prior to reading the value from it? My... -
Locking Application object
if I lock the Application object and modify it will an exception be thrown when another request tries to access it while it is locked. I am... -
Application object lifetime
Hi, how can I control the Application's life time in a service like: public class MyService : System.Web.Services.WebService { public int... -
Access to Application object from exe
Hi, I have many virtual directory with my web app. I'd like to create one exe appliaction to administrating these web apps. Is it possible to... -
WJ #2 Re: Application Object
When you say "Application Object" I assume that you mean Global Asax. I
think Global Asax is safe to store sensitive data while your user surfing
your site. Unless there is an insider help to plant a code inside your box
to monitor and snatch the data, I donot think how hackers can do this from
outside.
John
"Mike" <anonymous@discussions.microsoft.com> wrote in message
news:CA709069-8683-4F14-BC0B-A139911129A2@microsoft.com...Object in IIS server. I want to store a decrpyted connection string there> How easy is it for a hacker to access data stored in the Application
rather that decrypting it everytime I access the database. Currently I use
dpapi on a encryption key stored in the registry the use the encrytion key
to decrypt the connection string. Using windows authentication is not an
option since the iis server is in the dmz.>
> Thanks
WJ Guest
-
Mike #3 Re: Application Object
Hi, John thanks for replying, what I mean by application object is the "Application" collection stored in the memory of the iis server
From MSDN
Platform SDK: Internet Information Services
Application Objec
You can use the Application object to share information among all users of a given application. An ASP-based application is defined as all the .asp files in a virtual directory and its subdirectories. Because the Application object can be shared by more than one user, there are Lock and Unlock methods to ensure that multiple users do not try to alter a property simultaneously
Mike Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
