I have a WCF service with a setting I created in the WCF application property editor (settings tab).
It has created something like the following property in MySettings class in the Settings.Designer.vb file. Notice the DefaultSettingValueAttribute is set to "This is the OLD value". That's my value for local testing.
<Global.System.Configuration.ApplicationScopedSettingAttribute(), _
Global.System.Diagnostics.DebuggerNonUserCodeAttribute(), _
Global.System.Configuration.DefaultSettingValueAttribute("This is the OLD value")> _
Public ReadOnly Property Information() As String
Get
Return CType(Me("Information"),String)
End Get
End Property
On the production server I have changed the web.config file as below. The "NEW" value would be useful for the production server. It represents a connection string, or production resource address.
<applicationSettings>
<setting name="Information" serializeAs="String">
<value>This is the NEW value</value>
</setting>
</applicationSettings>
The problem is after restarting the WCF service (rebooting the server machine completely), it never reads the new value. It continues to use the old value that was set as the default value in the designer file.
I think this must have to do with file permissions, but I don't see anything in the event log that indicates a problem. It's like the WCF service isn't even trying to read the web.config file. I don't find anything like this problem on Google and I've run out of search term ideas.
Why isn't the service reading the settings value from the web.config file?
Did you make sure to add the SectionGroup to the ConfigSections of the production web server?
It should look something like:
<sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" >
<section name="MyWCFService.My.MySettings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</sectionGroup>
and your application settings section should look something like:
<applicationSettings>
<MyWCFService.My.MySettings>
<setting name="Information" serializeAs="String">
<value>This is the NEW value</value>
</setting>
</MyWCFService.My.MySettings>
</applicationSettings>
Related
Here is my app.config
<configuration>
<userSettings>
<MyProject.My.Settings>
<setting name="IP">
<value>127.0.0.1</value>
</setting>
</MyProject.My.Settings>
</uesrSettings>
</configuration>
I tried :
My.Settings.IP
and
TryCast(ConfigurationManager.GetSection("FormProcessing.Designer.My.MySettings"),My.MySettings)
I also tried many other ways and went through so many sites but still didn't get any way to work. I don't want to move it to as well.
This should work
<configuration>
<configSections>
<sectionGroup name="userSettings" type="System.Configuration.UserSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" >
<section name="MyProject.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowExeDefinition="MachineToLocalUser" requirePermission="false" />
</sectionGroup>
</configSections>
<userSettings>
<MyProject.Properties.Settings>
<setting name="IP" serializeAs="String">
<value>127.0.0.1</value>
</setting>
</MyProject.Properties.Settings>
</userSettings>
</configuration>
Call it MyProject.Properties.Settings.Default.IP
However, the easiest way to create a Property should be, go to menu View / Solution Explorer. Navigate to [Your solution] / [Your project] / My Project / Settings.settings and double click Settings.settings. On the left panel go to Settings. Add a row Name IP, Type String, Scope User, Value 127.0.0.1. On the top there is an access Modifier, I will leave it as friend. Then just use [Your Project].Properties.Settings.Default.IP
I have followed Microsoft's instructions here in order to encrypt my connection strings for my application. I have opted to move my connection strings to their own configuration file, connections.config. My code is as posted below (bottom of page) - nearly identical to the snippets provided by Microsoft. After performing the operations, the command: MessageBox.Show(String.Format("Protected={0}", connectionStringsSection.SectionInformation.IsProtected)) prints True, indicating the operation was successful.
However, Microsoft states that "The following configuration file fragment shows the connectionStrings section after it has been encrypted:"
configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAH2... </CipherValue>
</CipherData>
</EncryptedData>
This does not appear to be true in my case. Despite printing True when asking if my sectionInformation.IsProtected, Both my app.config and my connections.config files remain unchanged when visually inspecting them. This leads me to my questions:
Does the description of my problem indicate that in fact my section is not protected after all?
Why is sectionInformation.IsProtected printing True, but no <EncryptedData> attributes have been added to my sectionInformation?
If you carefully read Microsoft's instructions in the link above, they provide explanations for creating both your own connections.config file outside of app.config, as well as encrypting your connections section. However, they do not explicitly say that following their instructions for encrypting connectionStrings section will do so in the external configuration file, connections.config as well. Is the attribute tag in app.config, <connectionStrings configSource="connections.config" />, sufficient to ensure this behavior?
How do I test that my application's connection strings are indeed encrypted correctly, other than a MessageBox printing the IsProtected property?
NOTE
This is NOT an ASP.Net application, this is a Winforms application
I have tested the above with my connectionStrings in both their own connections.config file, as well as within app.config file, and the result is the same.
The relevant sections of my code are posted below:
*app.config*
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<!-- ... -->
</configSections>
<system.diagnostics>
<!-- ... -->
</system.diagnostics>
<userSettings>
<!-- ... -->
</userSettings>
<connectionStrings configSource="connections.config" />
</configuration>
*connections.config*
<connectionStrings>
<!--Manhattan Connection-->
<add name="MANHATTAN"
connectionString="Data Source=xxx;Initial Catalog=xxx;Persist Security Info=False;Integrated Security=False" />
<add name="DENVER"
connectionString="Data Source=xxx;Initial Catalog=xxx;Persist Security Info=False;Integrated Security=False" />
<add name="DESMOINES"
connectionString="Data Source=xxx;Initial Catalog=xxx;Persist Security Info=False;Integrated Security=False" />
</connectionStrings>
*The connection source code*
Private Sub ToggleConfigurationEncryption(ByVal executableName As String)
Try
Dim configManager = ConfigurationManager.OpenExeConfiguration(executableName)
Dim connectionStringsSection = configManager.GetSection("connectionStrings")
If connectionStringsSection.SectionInformation.IsProtected Then
connectionStringsSection.SectionInformation.UnprotectSection()
Else
connectionStringsSection.SectionInformation.ProtectSection("DataProtectionConfigurationProvider")
End If
configManager.Save()
MessageBox.Show(String.Format("Protected={0}", connectionStringsSection.SectionInformation.IsProtected))
Catch ex As Exception
ExceptionController.LogException(ex)
ExceptionController.DisplayException(ex)
End Try
End Sub
Your issue is happening in your if statement.
If connectionStringsSection.SectionInformation.IsProtected Then
connectionStringsSection.SectionInformation.UnprotectSection()
...
This example shows how to toggle between encrypting and decrypting. In the code posted by you, you're simply decrypting the file if it's already encrypted. Your code should be something like this:
If (Not connectionStringsSection.SectionInformation.IsProtected) Then
connectionStringsSection.SectionInformation.ProtectSection("DataProtectionConfigurationProvider")
End If
You only want to encrypt if the file has not been encrypted. Don't worry about decrypting the file and trying to read. It will automatically decrypt it for you.
I don't see the how you're calling the ToggleConfigurationEncryption method. You need to pass the correct name of the output config file. After you launch your app (if in debug mode) you can go to project directory in bin\debug folder and look for your connections.config file. When you open it you'll see that it's encrypted.
I have two solutions, one is a class library and the other is a web application, and I want to get the connection string from the web.config file to the class library as I am developing a custom membership provider. I am using Framework 4.0 and MS Visual Studio 2010.
Thanks
You can put the configuration settings for any library in the main web.config. It's easy!
Connection strings are especially easy. Just add your connection string to the connectionstrings section with the same name it has in the library's app.config, and you're done!
<connectionStrings>
<add name="Sitefinity" connectionString="your connection string"/>
</connectionStrings>
To add configuration settings, at the top of your web config, find the applicationSettings section, and add your section's info. Note: be sure to set your library's settings access modifier to "Public". You can do this in the Properties ui.
<sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<section name="Your.Assembly" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</sectionGroup>
Then, add the section under applicationSettings.
<applicationSettings>
<Your.Assembly>
<setting name="TestSetting" serializeAs="String">
<value>a test value</value>
</setting>
</Your.Assembly>
</applicationSettings>
I have a MyProject.config file that contains ConnectionStrings, AppSettings, and custom sections. I don't want to have to duplicate these settings in the wcf app.config file. Is it possible to merge MyProject.config with app.config or web.config if it is hosted in IIS. If so, where in the code would I do this and how would it be done?
As an example, in MyProject.config, I have a section group called Common and in Common I have AppSettings and ConnectionStrings. I know I can duplicate this in app.config, but then I would have to maintain it in two places.
MyProject.config:
<?xml version="1.0"?>
<configuration>
<sectionGroup name="common">
<section name="appSettings" />
<section name="connectionStrings" />
</sectionGroup>
</configSections>
<common>
<appSettings>
<add key="UserName" value="test" />
<add key="Password" value="test" />
</appSettings>
<connectionstrings></connectionstrings>
</common>
app.config for wcf contains ServiceModel configuration, I dont' want to have to put the above in app.config. I want to read it, does this make sense?
WCF will only load the config based settings for a service from the .NET configuration file for an application (web.config for IIS hosted services). Essentially you are fighting the .NET configuration file model.
If you want to keep the files separate then decide what will act as your primary config file and then use the configSource model for combining multiple config files
I've got a web site with elmah running on it logging to a sql box. In my test env it's a IIS 7 machine and all works well. When i upload to a network solutions web running IIS 6 I get an error
[SecurityException: Request for the permission of type 'System.Configuration.ConfigurationPermission, System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.]
System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +58
System.Configuration.BaseConfigurationRecord.CheckPermissionAllowed(String configKey, Boolean requirePermission, Boolean isTrustedWithoutAptca) +99
The website is setup to run .net 3.5. All of our pages work fine, but elmah gives this error. I've done some searching but can't find what i've setup incorrectly. Was hoping someone else has already solved this.
I suspect your hoster is running ASP.NET in Medium Trust. There's a couple of things to try.
Add the requirePermission="false" attribute to each of the Elmah configuration sections declared in your web.config, for example:
<sectionGroup name="elmah">
<section name="security" type="Elmah.SecuritySectionHandler, Elmah"
requirePermission="false"/>
<section name="errorLog" type="Elmah.ErrorLogSectionHandler, Elmah"
requirePermission="false"/>
</sectionGroup>
If this doesn't work you could also try overriding the trust level by adding this to <system.web> in your web.config file:
<trust level="Full"/>
If this doesn't work then you may need to contact your hoster and ask them to relax their trust policy. However if your site is in a shared pool it's unlikely that they'll entertain this.
Update:
About the requirePermission attribute: The default Medium Trust policy doesn't permit partially trusted callers access to configuration file settings, even in your own application.
You can elect to override this for your application's local configuration settings by setting requirePermission="false". This is done in the <section name="..." type="..." /> declarations in your web.config file. So, when you set:
<section name="errorLog" type="Elmah.ErrorLogSectionHandler, Elmah"
requirePermission="false"/
Effectively what your saying is please grant Elmah permission to read this setting:
<errorLog type="Elmah.VistaDBErrorLog, Elmah" connectionStringName="ElmahDB" />