Nota: esta clase es nueva en la versión 2.0 de .NET Framework.
Proporciona un objeto
ProtectedConfigurationProvider que utiliza la API de protección de datos (DPAPI) de Windows para cifrar y descifrar los datos de configuración.
Espacio de nombres: System.Configuration
Ensamblado: System.Configuration (en system.configuration.dll)
Visual Basic (Declaración)
Public NotInheritable Class DpapiProtectedConfigurationProvider
Inherits ProtectedConfigurationProvider
Dim instance As DpapiProtectedConfigurationProvider
public sealed class DpapiProtectedConfigurationProvider : ProtectedConfigurationProvider
public ref class DpapiProtectedConfigurationProvider sealed : public ProtectedConfigurationProvider
public final class DpapiProtectedConfigurationProvider extends ProtectedConfigurationProvider
public final class DpapiProtectedConfigurationProvider extends ProtectedConfigurationProvider
La clase DpapiProtectedConfigurationProvider permite proteger del acceso no autorizado la información confidencial almacenada en un archivo de configuración.
La clase DpapiProtectedConfigurationProvider estándar se utiliza declarando el proveedor y la configuración adecuados en el archivo de configuración, en lugar de crear una instancia de esta clase. Consulte el ejemplo siguiente.
Para obtener más información sobre la configuración protegida, vea Cifrar información de configuración mediante una configuración protegida.
La clase DpapiProtectedConfigurationProvider utiliza los servicios criptográficos integrados de Windows y se puede configurar para la protección específica de equipo o para la protección específica de cuenta de usuario. La protección específica de equipo es útil para los servicios anónimos pero proporciona menos seguridad. La protección específica de cuenta de usuario se puede utilizar con los servicios que se ejecutan con una identidad de usuario concreta.
En el ejemplo siguiente se muestra cómo utilizar la clase DpapiProtectedConfigurationProvider estándar para proteger o desproteger una sección de configuración.
Imports System
Imports System.Configuration
Public Class UsingDpapiProtectedConfigurationProvider
' Protect the connectionStrings section.
Private Shared Sub ProtectConfiguration()
' Get the application configuration file.
Dim config As System.Configuration.Configuration = _
ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None)
' Define the Dpapi provider name.
Dim provider As String = _
"DataProtectionConfigurationProvider"
' Get the section to protect.
Dim connStrings As ConfigurationSection = _
config.ConnectionStrings
If Not (connStrings Is Nothing) Then
If Not connStrings.SectionInformation.IsProtected Then
If Not connStrings.ElementInformation.IsLocked Then
' Protect the section.
connStrings.SectionInformation.ProtectSection(provider)
connStrings.SectionInformation.ForceSave = True
config.Save(ConfigurationSaveMode.Full)
Console.WriteLine( _
"Section {0} is now protected by {1}", _
connStrings.SectionInformation.Name, _
connStrings.SectionInformation.ProtectionProvider.Name)
Else
Console.WriteLine( _
"Can't protect, section {0} is locked", _
connStrings.SectionInformation.Name)
End If
Else
Console.WriteLine( _
"Section {0} is already protected by {1}", _
connStrings.SectionInformation.Name, _
connStrings.SectionInformation.ProtectionProvider.Name)
End If
Else
Console.WriteLine( _
"Can't get the section {0}", _
connStrings.SectionInformation.Name)
End If
End Sub 'ProtectConfiguration
' Unprotect the connectionStrings section.
Private Shared Sub UnProtectConfiguration()
' Get the application configuration file.
Dim config As System.Configuration.Configuration = _
ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None)
' Get the section to unprotect.
Dim connStrings As ConfigurationSection = _
config.ConnectionStrings
If Not (connStrings Is Nothing) Then
If connStrings.SectionInformation.IsProtected Then
If Not connStrings.ElementInformation.IsLocked Then
' Unprotect the section.
connStrings.SectionInformation.UnprotectSection()
connStrings.SectionInformation.ForceSave = True
config.Save(ConfigurationSaveMode.Full)
Console.WriteLine( _
"Section {0} is now unprotected.", _
connStrings.SectionInformation.Name)
Else
Console.WriteLine( _
"Can't unprotect, section {0} is locked", _
connStrings.SectionInformation.Name)
End If
Else
Console.WriteLine( _
"Section {0} is already unprotected.", _
connStrings.SectionInformation.Name)
End If
Else
Console.WriteLine( _
"Can't get the section {0}", _
connStrings.SectionInformation.Name)
End If
End Sub 'UnProtectConfiguration
Public Shared Sub Main(ByVal args() As String)
Dim selection As String = String.Empty
If args.Length = 0 Then
Console.WriteLine( _
"Select protect or unprotect")
Return
End If
selection = args(0).ToLower()
Select Case selection
Case "protect"
ProtectConfiguration()
Case "unprotect"
UnProtectConfiguration()
Case Else
Console.WriteLine( _
"Unknown selection")
End Select
Console.Read()
End Sub 'Main
End Class 'UsingDpapiProtectedConfigurationProvider
using System;
using System.Configuration;
public class UsingDpapiProtectedConfigurationProvider
{
// Protect the connectionStrings section.
private static void ProtectConfiguration()
{
// Get the application configuration file.
System.Configuration.Configuration config =
ConfigurationManager.OpenExeConfiguration(
ConfigurationUserLevel.None);
// Define the Dpapi provider name.
string provider =
"DataProtectionConfigurationProvider";
// Get the section to protect.
ConfigurationSection connStrings =
config.ConnectionStrings;
if (connStrings != null)
{
if (!connStrings.SectionInformation.IsProtected)
{
if (!connStrings.ElementInformation.IsLocked)
{
// Protect the section.
connStrings.SectionInformation.ProtectSection(provider);
connStrings.SectionInformation.ForceSave = true;
config.Save(ConfigurationSaveMode.Full);
Console.WriteLine("Section {0} is now protected by {1}",
connStrings.SectionInformation.Name,
connStrings.SectionInformation.ProtectionProvider.Name);
}
else
Console.WriteLine(
"Can't protect, section {0} is locked",
connStrings.SectionInformation.Name);
}
else
Console.WriteLine(
"Section {0} is already protected by {1}",
connStrings.SectionInformation.Name,
connStrings.SectionInformation.ProtectionProvider.Name);
}
else
Console.WriteLine("Can't get the section {0}",
connStrings.SectionInformation.Name);
}
// Unprotect the connectionStrings section.
private static void UnProtectConfiguration()
{
// Get the application configuration file.
System.Configuration.Configuration config =
ConfigurationManager.OpenExeConfiguration(
ConfigurationUserLevel.None);
// Get the section to unprotect.
ConfigurationSection connStrings =
config.ConnectionStrings;
if (connStrings != null)
{
if (connStrings.SectionInformation.IsProtected)
{
if (!connStrings.ElementInformation.IsLocked)
{
// Unprotect the section.
connStrings.SectionInformation.UnprotectSection();
connStrings.SectionInformation.ForceSave = true;
config.Save(ConfigurationSaveMode.Full);
Console.WriteLine("Section {0} is now unprotected.",
connStrings.SectionInformation.Name);
}
else
Console.WriteLine(
"Can't unprotect, section {0} is locked",
connStrings.SectionInformation.Name);
}
else
Console.WriteLine(
"Section {0} is already unprotected.",
connStrings.SectionInformation.Name);
}
else
Console.WriteLine("Can't get the section {0}",
connStrings.SectionInformation.Name);
}
public static void Main(string[] args)
{
string selection = string.Empty;
if (args.Length == 0)
{
Console.WriteLine(
"Select protect or unprotect");
return;
}
selection = args[0].ToLower();
switch (selection)
{
case "protect":
ProtectConfiguration();
break;
case "unprotect":
UnProtectConfiguration();
break;
default:
Console.WriteLine("Unknown selection");
break;
}
Console.Read();
}
}
En el extracto de configuración siguiente se muestra la sección de configuración antes y después de aplicar la protección.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<connectionStrings>
<add name="NorthwindConnectionString"
connectionString="Data Source=webnetue2;Initial Catalog=Northwind;User ID=aspnet_test;Password=test"
providerName="System.Data.SqlClient" />
</connectionStrings>
</configuration>
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<connectionStrings>
<EncryptedData>
<CipherData> <CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAcAMh0jIC1kigyFfd9AUZfQQAAAACAAAAAAADZgAAqAAAABAAAADQwbQ2DgIgIlqskE1RI9UpAAAAAASAAACgAAAAEAAAAAXlYBxi3jhM6wv4sxLhugsQAgAAgoReHZS2406dc/AyRDd6WuNr4ihHn6fbipd4tzHEmeuyS4o4fS4CmT3jMt/WjsP/kR7TF4ygwr2GG47podK79ECpVCZHAgctCauCYjE2Ls3iphKXy/pHic2o6aaClt/xPm+fb4OfODv6XjrJhJzGK2lqUPXkyJN1w2zwh6OVpDQF9N8vTyxL4eitp35/M5zYbW7e6VVAgYUOxlNxgCV5+jXpUKh/rPovopTD392u8KavqQFW1iu+gBPSPq/xeZNz+qYMKbUl+r4VTzBQg3fPlRxp1lNZmM2yRgUbkYPNaFb9ihS7GAg5/wZn8lLmThvq39eA0Vlp6hDE92iop885umELt0/NBKf5umQCqqz9EXXLbmmGc7qoLqTaYVuOmqx0LsvrJL0wSL1dSySCjmB/dNAtVUYgg02eWQNKyaLqnpMdCbTLLQ/oCKuNkL5OQ7t1yl5wQGjQhieIRzLtrMgpTSyaHbqDsRurp9Bc5mM078IAg1hXquQNKlJC/wiJ9kbHerFCbtuLGy/7nXVrFH91ud4U4ExCJEuhoTdmuql5kbqYd6Ye/bu2CftPni19nDkSJ8w4NoqMNKbK3Mi/Cd0o113HsVYlETMv1vlJWZWYP91PK9trixiY4E0G81c6IKITjHDrOJ9evdw2T1/TrvY6pzre3UXSJbFMDQVX6JoAxFk02SRZDKOZdRojeoX19lgrFAAAABzjlz3Qg2as3vn7MRQVxDfZucgE</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>
<configProtectedData defaultProvider="RsaProtectedConfigurationProvider">
<providers>
<clear />
<add keyContainerName="NetFrameworkConfigurationKey" cspProviderName=""
useMachineContainer="true" useOAEP="false" description="Uses RsaCryptoServiceProvider to encrypt and decrypt"
name="RsaProtectedConfigurationProvider" type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<add useMachineProtection="true" description="Uses CryptProtectData and CryptUnProtectData Windows APIs to encrypt and decrypt"
keyEntropy="" name="DataProtectionConfigurationProvider" type="System.Configuration.DpapiProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</configProtectedData>
</configuration>
System.Object
System.Configuration.Provider.ProviderBase
System.Configuration.ProtectedConfigurationProvider
System.Configuration.DpapiProtectedConfigurationProvider
Seguridad para subprocesos
Los miembros estáticos públicos (Shared en Visual Basic) de este tipo son seguros para la ejecución de subprocesos. No se garantiza que los miembros de instancias sean seguros para la ejecución de subprocesos.
Windows 98, Windows 2000 SP4, Windows Millennium, Windows Server 2003, Windows XP Media Center, Windows XP Professional x64, Windows XP SP2, Windows XP Starter Edition
.NET Framework no admite todas las versiones de cada plataforma. Para obtener una lista de las versiones admitidas, vea Requisitos del sistema.
.NET Framework
Compatible con: 2.0