|
I have a .NET Core WebAPI, and I have the db connection string stored in the appsettings.json.
In my company, the policy is the db password would change every 6 months. Since this is a pretty common IT security requirement, I wonder how other people handle their application's connection string?
Every 6 months, edit the appsettings.json, re-deploy
Just go and edit the connection string directly on production server while it's running (since the appsettings.json is read during run time, I assume this would not be a problem?)
How do you guys do this?
We are using on-prem Azure DevOps, if that makes any difference.
modified 18-May-21 9:17am.
|
|
|
|
|
With 20+ applications on various production servers around the world, alright Asia, we wrote an application specifically to change the passwords every period. It could only be launched by a manager who's balls were held between 2 bricks. Getting the dammed thing out of source control was a bitch.
Never underestimate the power of human stupidity -
RAH
I'm old. I know stuff - JSOP
|
|
|
|
|
MaxwellMiky wrote: Since this is a pretty common IT security requirement, Not for db passwords, in my experience. We don't ever change db passwords.
It seems like the only option is to coordinate the changing of the password and updating the json file at the same time, after hours if that's an option.
|
|
|
|
|
Use Integrated Security=SSPI, e.g.
Server=xxxxxxxx;Database=xxxxxxxx;Integrated Security=SSPI then it is all controlled by AD. No changes needed
|
|
|
|
|
This runs under the context of the user and user's will not have any permissions to a sql database.
|
|
|
|
|
|
I would like to create a c # wrap to call the API of the exchange btc-aplha as it implements the DCY currency which is the only one of an Italian project. My difficulty is understanding the rules for implementing key based authorization. Documentation is very sparse
https:
|
|
|
|
|
I'd like an icecream.
Reposting isn't going to help. Just makes me skip the question, becuase you impatient and I prefer those who aren't.
Contact their helpdesk. This site doesn't provide help with third-party stuff. We can help you with anything coding-related, but don't know how their API works. If it sucks, it sucks, and let them know.
Bastard Programmer from Hell
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
|
|
|
|
Thanks for the reply. Yes, I have already written to them, but they have not replied. In the link I have attached this is indicated
Is formed using the request body and the secret by this algorithm:
All keys of the object of the request body are sorted alphabetically;
All values of the object of the request body are merged into a string with adding a secret at the end, which you get when logging into the system;
The entire string is hashed by the sha256 method
hash('sha256', parama_A + param_D + pamam_B + param_C + 123 + secret)
|
|
|
|
|
I would like to create a wrap to call the API of the exchange btc-aplha as it implements the DCY currency which is the only one of an Italian project. My difficulty is understanding the rules for implementing key based authorization. The documentation is very sparse and I don't understand the examples which are in phyton or node.js
https://btc-alpha.github.io/api-docs/?javascript#authorization
Can anyone help me to implement the following methods I took from the node.js example
<pre>const hmacSha256 = require('crypto-js/hmac-sha256');
const request = require('request');
const BASE_URL = 'https://btc-alpha.com/api/v1';
const API_KEY = '0000-0000...';
const SECRET = 'Z%2........';
function serializePayload(payload) {
return Object
.keys(payload)
.sort()
.map((key) => key + "=" + encodeURIComponent(payload[key]))
.join('&');
}
function getAuthHeaders(payload) {
const sign = hmacSha256(API_KEY + serializePayload(payload), SECRET).toString();
return {
'X-KEY': API_KEY,
'X-SIGN': sign,
'X-NONCE': Date.now()
};
}
function getWallets(callback) {
payload = {};
const options = {
method: 'get',
url: `${BASE_URL}/wallets/`,
headers: getAuthHeaders(payload)
};
request(options, callback);
}
function createOrder(order, callback) {
const options = {
method: 'post',
url: `${BASE_URL}/order/`,
headers: getAuthHeaders(order),
form: order,
};
request(options, callback);
}
getWallets((error, response, body) => {
console.log('error', error);
console.log('body', body);
});
const order = {
type: 'buy',
pair: 'BTC_USD',
amount: '0.0001',
price: '0.1'
};
createOrder(order, (error, response, body) => {
console.log('error', error);
console.log('body', body);
});
|
|
|
|
|
Hello Friends,
I'm looking to sign a message in Dot.Net with an OpenSSL Library. I've found a couple different options, but thought it worthwhile to ask if anyone has experience with RSA crypto from Dot.Net on Win10 before I dive into evaluating different packages. I'm not adverse to purchasing a good library.
Thanks!
David
"Qulatiy is Job #1"
modified 7-May-21 13:57pm.
|
|
|
|
|
This looks like spam. I'd remove the links if I were you.
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
Here is the message that pops up when i try to run my code in C#
server error: in :application specified web pages version "3.0.0.0" could not be found. update your web.config to specify a different version. current version: "2.0.0.0:"
|
|
|
|
|
Probably a good idea to do what the message tells you.
|
|
|
|
|
I have tried that and it seems its leading me to more errors
|
|
|
|
|
There's a secret error somewhere in your secret code. You should fix that.
Seriously, how do you expect anyone to be able to help you based on the complete lack of information you've provided?
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
So sorry for that
here is the thang: I cant take a pic of it
Server Error in '/' Application
Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message: The CodeDom provider type "Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral. publicKey=31bf3856ad364e35" could not be located.
... to add to that.. the web.config and packages.config are ticked red
|
|
|
|
|
You either haven't installed the Microsoft.CodeDom.Providers.DotNetCompilerPlatform package, or the version you have installed doesn't match the version specified in your web.config file.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Thanks Richard i have tried to install and now i am getting a different error gain.
Thanks for your help..this is the new error
Server Error in'/' Application
Parser Error
Description: An error occurred during the parsing of a resource required to service this request. Please review the following specific parse error and modify your source file appropriately.
Parse Error Message: Could not load type 'NPA.MvcApplication'
|
|
|
|
|
You have an error in your Global.asax file - it doesn't match the Global.asax.cs class definition.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
thank you for your responses. HOW DO I GO ABOUT CORRECTING THE ERROR
|
|
|
|
|
Fix your code so that the class name matches.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Thank you so much man...
now there is another error displaying after installing
Server Error in'/' Application
Parse Error Message: vould not load type 'NPA.MvcApplication'
|
|
|
|
|
In my opinion there's a strange error in the message you're receiving. It shouldn't say that because what is describing has nothing to do with running your code.
|
|
|
|
|
Dear folks.
I am writing a program for connecting sql server database, and populating data from table using a stored procedure. it is working fine when I use the app.config file's data source as the server name, but when I use the server's ip address and port, it is not working.
it is showing error, stored procedure not found.
My app config's connection string is as below.
<connectionStrings>
<clear />
<add name="CONNECTION_FLOR"
providerName="Microsoft.Data.SqlClient"
connectionString="Data Source=172.142.1.100,1433;User ID=redacted;Password=redacted;Initial Catalog=tempdb;Integrated Security=True;Connect Timeout=30;Encrypt=False;TrustServerCertificate=False;ApplicationIntent=ReadWrite;MultiSubnetFailover=False" />
</connectionStrings>
But when I use Data Source by name as Data Source=(localdb)\SubdivprojV13; it is working all good. The problem is with ip address and port. I checked the connection, connection is opening. But showing error as stored procedure not found.
please check my code snippet.
Public Class Form1
Dim connection As New SqlConnection(ConfigurationManager.ConnectionStrings("CONNECTION_FLOR").ConnectionString)
Private Sub BTN_DISPLAY_Click(sender As Object, e As EventArgs) Handles BTN_DISPLAY.Click
Dim cmd As New SqlCommand With {
.Connection = connection,
.CommandType = CommandType.StoredProcedure,
.CommandText = "SP_DISPLAY"
}
cmd.Connection.Open()
lbl_CONN.Text = "Connected"
lbl_CONN.ForeColor = Color.Green
Dim dt As DataTable = New DataTable()
dt.Load(cmd.ExecuteReader)
DataGridView1.DataSource = dt
DataGridView1.Update()
If connection.State = ConnectionState.Open Then
connection.Close()
lbl_CONN.Text = "DisConnected"
lbl_CONN.ForeColor = Color.Red
End If
End Sub
End Class
Any help is highly appreciated. Thanks in advance,.
modified 12-Apr-21 12:09pm.
|
|
|
|