Home Forums Article Discussions Article Discussions by Author Discuss content posted by shashank bhide File Handling A Different Way RE: File Handling A Different Way

  • April 23, 2008 at 9:53 am

    #806150

    There are times when it is necessary to use xp_cmdshell, but this isn't one of them. As stated in a post above the real issue is securing credentials in the web config files. Using hashing functions is one approach that works there. Other approaches use the built in security of ASP.NET. Several good articles are:

    Enhanced and Secure Connection Strings in Web.Config by Vasudevan Deepak Kumar

    http://www.codeproject.com/KB/web-security/secure_connectionstrings.aspx

    Security Features in ASP.NET - Authentication by Cynthia Carolina

    http://www.asp101.com/articles/cynthia/authentication/default.asp

    How to use the ASP.NET utility to encrypt credentials and session state connection strings.

    http://support.microsoft.com/kb/329290

    Brandon Forest