Microsoft .NET has a mechanism for encrypting sections of a configuration file. This is useful when this connection string contains usernames and passwords in plain text.
Solution:
Move the connection string from the site.xml into the web.config
In Essentials you can configure connection strings to your databases in order to be used in datalinks, search tables and workflows. The connection string is usually stored in plaintext in the site.xml for each site, and in the case of workflows, in the .xaml file. In order to encrypt a connection string used within a site, it must be moved from the site.xml to the web.config.
This has several advantages:
- The same connection string can be used in all the sites
- The connection string is not shown in Manager (so the username and password are not shown)
- When moving sites between environments you don't have to worry about reconfiguring the connection strings. The requirement is that a connection string with the same name exists in both places
- Workflows also have access to the connection strings stored in the web.config files
To create a data connection and store it in the web.config:
- Open Essentials Manager
- Edit a site and go to "Data Connections"
- Click "Add Data Connection" and follow the wizard
- Edit the newly created data connection
- Copy the contents of the "Connection String" into a notepad
- Remove the contents of the "Connection String" field.
- On the "Connection String Name" assign a name to the connection string (for example: "Connection to DBSERVER").
- Click Apply and Save
- Edit the file "C:\Program Files (x86)\Latitude Geographics\Geocortex Essentials\Default\REST Elements\REST\web.config"
- Look for the <connectionStrings> section and add the new connection string (you can use the string you copied into the notepad on step 5)
It will look like:
<connectionStrings> <add name="Connection to DBSERVER" connectionString="Data Source=dbserver;Initial Catalog=MyDatabase;Integrated Security=False;User ID=MyUsername;Password=MyPassword" /> </connectionStrings>
Note:The "Name" property has to match with the "Connection String Name" used on step 7.
- Add the same connection string to the same section of "C:\Program Files (x86)\Latitude Geographics\Geocortex Essentials\Default\REST Elements\Manager\Web.config"
These are all the steps required to store the connection string in the web.config. Now you can reuse this connection string across all your sites and workflows.
Encrypt the "connectionStrings" in Geocortex Essentials web.config file:
- Go to start, find the "cmd" application, right click it and run it as administrator
- In the command line go to the folder "C:\Windows\Microsoft.NET\Framework64\v4.0.30319>" (the .NET version might vary)
- Run the following commands:
aspnet_regiis -pef "connectionStrings" "C:\Program Files (x86)\Latitude Geographics\Geocortex Essentials\Default\REST Elements\REST"
aspnet_regiis -pef "connectionStrings" "C:\Program Files (x86)\Latitude Geographics\Geocortex Essentials\Default\REST Elements\Manager"
Note: The section "connectionStrings" can be changed to any other section
- In order to decrypt the section when changes are required run:
aspnet_regiis -pdf "connectionStrings" "C:\Program Files (x86)\Latitude Geographics\Geocortex Essentials\Default\REST Elements\REST"
aspnet_regiis -pdf "connectionStrings" "C:\Program Files (x86)\Latitude Geographics\Geocortex Essentials\Default\REST Elements\Manager"
Note: The path to the application does not contain the web.config file, just the folder.
Encrypt the "membership" provider section for Identity Server:
This section only applies if you are using Geocortex Identity Server using a .NET membership provider configured in the membership.config file.
Steps:
- Go to start, find the "cmd" application, right click it and run it as administrator
- In the command line go to the folder "C:\Windows\Microsoft.NET\Framework64\v4.0.30319>" (the .NET version might vary)
- Run the following command:
aspnet_regiis -pef "system.web/membership" "C:\Program Files (x86)\Latitude Geographics\Geocortex Identity Server\Web"
- To decrypt run:
aspnet_regiis -pdf "system.web/membership" "C:\Program Files (x86)\Latitude Geographics\Geocortex Identity Server\Web"
Comments
0 comments
Article is closed for comments.