How to pass password to AdoNetAppender? > Log4Net Mail Archive

Unanswered Active Topics

Forums Search

Subject: How to pass password to AdoNetAppender?

You are not authorized to post a reply.

Author

Messages

Bernhard Heinzel

10/22/2008 2:08 PM
Hi, another Question from the new guy. I want to pass the username and password for the database to the AdoNetAppender. The two ways I found were: * Plaintext in the config file. * 'Plaintext' in the sourcecode. Both ways are not optimal, so were I missing something? Is there a smarter way of passing a password? Thanks in advance. Regards Bernhard Connect to the next generation of MSN Messenger Get it now!

Georg Jansen

10/22/2008 2:56 PM
Bernhard, This maybe of the point in your case, but have you considered using integrated security? You could store the username and password encrypted, but then you have the added problem of securing the encryption key. Maybe one of the links below is useful: http://msdn.microsoft.com/en-us/library/89211k9b.aspx http://www.theserverside.net/tt/articles/showarticle.tss?id=NewSecurityFeatures Best regards Georg Log4Net Dashboard – Log Analysis and Monitoring made easy! http://www.l4ndash.com

Bernhard Heinzel

10/22/2008 4:17 PM
Thanks Georg. Unfortunatly integrated Security is not an option. Seems it is not as trivial as it seems... Any other suggestions? Bernhard

Michael Richman

10/22/2008 4:55 PM
You can set the connection string in code, here is some sample code, you only have to do this once and then you can use the AdoNetAppender multiple times. log4net.Config.XmlConfigurator.Configure(); log4net.Repository.Hierarchy.Hierarchy h = (log4net.Repository.Hierarchy.Hierarchy) log4net.LogManager.GetRepository(); log4net.Appender.AdoNetAppender adoAppender = (log4net.Appender.AdoNetAppender) h.Root.GetAppender("AdoNetAppender_UserLog"); adoAppender.ConnectionString = <set your connection string here>;

Bernhard Heinzel

10/22/2008 5:11 PM
Thanks Michael. But my Problem is that I have to configure the AdoNetAppender with a config file so I don't have to recompile if I change the database.

Michael Richman

10/22/2008 5:16 PM
We store the encrypted connection string in the app.config file. We read it in, then decrypt it, then pass it to log4net. That way, we have it in a config file and don't have to recompile when it changes.

Roy Chastain

10/22/2008 5:17 PM
Store the encrypted information in a config file. Use a setup program to solicit and encrypt the information. Use the DPAPI wrapper code (System.Security.Cryptography.ProtedData) in .Net 2.0 and up to encrypt, decrypt and protect the keys. Very simple to use. ------------------------------------------------------------------------ ---------- Roy Chastain

Jeegnesh Sheth

10/22/2008 5:17 PM
Hi, Not sure if this helps. Can you connection string point to something like this www.somewhere.com as your DNS alias and in your dns entries www.somewhere.com maps to your IP. This way if you switch the database around, all you do is map the DNS alias to a new IP as long as the schemas as same?

Bernhard Heinzel

10/22/2008 5:30 PM
Thanks for the many answers. It works with storing the encrypted password in the config file. So Problem solved. Regards Bernhard

You are not authorized to post a reply.

Forums > Log4Net > Log4Net Mail archive > How to pass password to AdoNetAppender?