DPAPI and config files

[Dan Amiga]

Hello. This is about DPAPI and configuration files.
Basically, what I understand is when loading the exe assembly the framework
takes parameters from the config file and loads them.
I want to store THE ENTIRE web.config ( or any other config file ) using
DPAPI.

That is - I want to develop a component which intercept the frameworks
request to the web.config, decrypt the config file stored in the DPAPI
protected storage and give it to the framework for regular execution.

The thing is - I want it to be transparent. I don't want other development
teams to be concered and implement this logic in their applications.

Any idea's ?

Dan Amiga,
Israel.

[Paul Glavich [MVP - ASP.NET]]

The configuration application block offers similar functionality but
relegates most of the config info to another file (not the web.config) and
encrypts that.

[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/cmab.asp[/url]

--
- Paul Glavich
Microsoft MVP - ASP.NET


"Dan Amiga" <dan.amiga@ness.com> wrote in message
news:eQem$NoiEHA.2448@TK2MSFTNGP12.phx.gbl...

> Hello. This is about DPAPI and configuration files.
> Basically, what I understand is when loading the exe assembly the

framework

> takes parameters from the config file and loads them.
> I want to store THE ENTIRE web.config ( or any other config file ) using
> DPAPI.
>
> That is - I want to develop a component which intercept the frameworks
> request to the web.config, decrypt the config file stored in the DPAPI
> protected storage and give it to the framework for regular execution.
>
> The thing is - I want it to be transparent. I don't want other development
> teams to be concered and implement this logic in their applications.
>
> Any idea's ?
>
> Dan Amiga,
> Israel.
>
>
>
>
>
>

[Dan Amiga]

I am talking about Framework config files, not only Web.Config, also
Machine.config, etc.
How does this application block handels options that must exists before the
assembly loads such as processmodel / impersonation ?




"Paul Glavich [MVP - ASP.NET]" <glav@aspalliance.com-NOSPAM> wrote in
message news:eNMsN92iEHA.340@TK2MSFTNGP10.phx.gbl...

> The configuration application block offers similar functionality but
> relegates most of the config info to another file (not the web.config) and
> encrypts that.
>
>

[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/[/url]
cmab.asp

>
> --
> - Paul Glavich
> Microsoft MVP - ASP.NET
>
>
> "Dan Amiga" <dan.amiga@ness.com> wrote in message
> news:eQem$NoiEHA.2448@TK2MSFTNGP12.phx.gbl...

> > Hello. This is about DPAPI and configuration files.
> > Basically, what I understand is when loading the exe assembly the

> framework

> > takes parameters from the config file and loads them.
> > I want to store THE ENTIRE web.config ( or any other config file ) using
> > DPAPI.
> >
> > That is - I want to develop a component which intercept the frameworks
> > request to the web.config, decrypt the config file stored in the DPAPI
> > protected storage and give it to the framework for regular execution.
> >
> > The thing is - I want it to be transparent. I don't want other

development

> > teams to be concered and implement this logic in their applications.
> >
> > Any idea's ?
> >
> > Dan Amiga,
> > Israel.
> >
> >
> >
> >
> >
> >

>
>

[Joe Kaplan \(MVP - ADSI\)]

I don't believe you can do what you want to do as there are no hooks into
the configuration file APIs at the level you need. The best you could do
would be to encrypt specific data or use something like the configuration
application block as previously mentioned.

Joe K.

"Dan Amiga" <dan.amiga@ness.com> wrote in message
news:eg3mdI3iEHA.356@tk2msftngp13.phx.gbl...

> I am talking about Framework config files, not only Web.Config, also
> Machine.config, etc.
> How does this application block handels options that must exists before

the

> assembly loads such as processmodel / impersonation ?
>
>
>
>
> "Paul Glavich [MVP - ASP.NET]" <glav@aspalliance.com-NOSPAM> wrote in
> message news:eNMsN92iEHA.340@TK2MSFTNGP10.phx.gbl...

> > The configuration application block offers similar functionality but
> > relegates most of the config info to another file (not the web.config)

and

> > encrypts that.
> >
> >

>

[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/[/url]

> cmab.asp

> >
> > --
> > - Paul Glavich
> > Microsoft MVP - ASP.NET
> >
> >
> > "Dan Amiga" <dan.amiga@ness.com> wrote in message
> > news:eQem$NoiEHA.2448@TK2MSFTNGP12.phx.gbl...

> > > Hello. This is about DPAPI and configuration files.
> > > Basically, what I understand is when loading the exe assembly the

> > framework

> > > takes parameters from the config file and loads them.
> > > I want to store THE ENTIRE web.config ( or any other config file )

using

> > > DPAPI.
> > >
> > > That is - I want to develop a component which intercept the frameworks
> > > request to the web.config, decrypt the config file stored in the DPAPI
> > > protected storage and give it to the framework for regular execution.
> > >
> > > The thing is - I want it to be transparent. I don't want other

> development

> > > teams to be concered and implement this logic in their applications.
> > >
> > > Any idea's ?
> > >
> > > Dan Amiga,
> > > Israel.
> > >
> > >
> > >
> > >
> > >
> > >

> >
> >

>
>

[Dan Amiga]

Thanks,
It's already a progress if you understood what I wanted :)
How can I be sure there are no Hooks into it ?
Where else can I post for info ?

"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
in message news:eOZ8ot3iEHA.3016@tk2msftngp13.phx.gbl...

> I don't believe you can do what you want to do as there are no hooks into
> the configuration file APIs at the level you need. The best you could do
> would be to encrypt specific data or use something like the configuration
> application block as previously mentioned.
>
> Joe K.
>
> "Dan Amiga" <dan.amiga@ness.com> wrote in message
> news:eg3mdI3iEHA.356@tk2msftngp13.phx.gbl...

> > I am talking about Framework config files, not only Web.Config, also
> > Machine.config, etc.
> > How does this application block handels options that must exists before

> the

> > assembly loads such as processmodel / impersonation ?
> >
> >
> >
> >
> > "Paul Glavich [MVP - ASP.NET]" <glav@aspalliance.com-NOSPAM> wrote in
> > message news:eNMsN92iEHA.340@TK2MSFTNGP10.phx.gbl...

> > > The configuration application block offers similar functionality but
> > > relegates most of the config info to another file (not the web.config)

> and

> > > encrypts that.
> > >
> > >

> >

>

[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/[/url]

> > cmab.asp

> > >
> > > --
> > > - Paul Glavich
> > > Microsoft MVP - ASP.NET
> > >
> > >
> > > "Dan Amiga" <dan.amiga@ness.com> wrote in message
> > > news:eQem$NoiEHA.2448@TK2MSFTNGP12.phx.gbl...
> > > > Hello. This is about DPAPI and configuration files.
> > > > Basically, what I understand is when loading the exe assembly the
> > > framework
> > > > takes parameters from the config file and loads them.
> > > > I want to store THE ENTIRE web.config ( or any other config file )

> using

> > > > DPAPI.
> > > >
> > > > That is - I want to develop a component which intercept the

frameworks

> > > > request to the web.config, decrypt the config file stored in the

DPAPI

> > > > protected storage and give it to the framework for regular

execution.

> > > >
> > > > The thing is - I want it to be transparent. I don't want other

> > development

> > > > teams to be concered and implement this logic in their

applications.

> > > >
> > > > Any idea's ?
> > > >
> > > > Dan Amiga,
> > > > Israel.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > >

> >
> >

>
>