Impersonation and credentials security

  • Luigi

    Impersonation and credentials security

    Hi,
    I need to copy files to/from a network share in a LAN with/without
    Active Directory.

    If my user has no right to do so I have to use impersonation in the
    same way Windows prompts me for a user and a password.

    Is it possible to change credentials (impersonate another user) using
    only managed code, or is the only solution to use LogonUser through
    DllImport?

    The second big problem comes back every time I have to deal with
    credentials and I would be grateful if someone could give me a clear
    explanation.
    If I have to store a user and a password in a secure way what is the
    best practice???
    I have only found the DONTs (hard code, put unencrypted in the .config
    file, put in the registry) but not the DOs.
    Obviously I think I should encrypt data, but which encryption should I
    use?
    Where should I put the user and password?
    An idea could be to put all in the DB, but again how should I encrypt
    DB connection credentials and where should I put them?

    Thanks in advance,
    Luigi.
  • Ciaran O'Donnell

    #2
    RE: Impersonation and credentials security

    I have just posted a class which will help you do this to my blog (address
    below), check it out and let me know what you think.


    --
    Ciaran O'Donnell
    try{ Life(); } catch (TooDifficultException) { throw Toys(); }



    "Luigi" wrote:
    > Hi,
    > I need to copy files to/from a network share in a LAN with/without
    > Active Directory.
    >
    > If my user has no right to do so I have to use impersonation in the
    > same way Windows prompts me for a user and a password.
    >
    > Is it possible to change credentials (impersonate another user) using
    > only managed code, or is the only solution to use LogonUser through
    > DllImport?
    >
    > The second big problem comes back every time I have to deal with
    > credentials and I would be grateful if someone could give me a clear
    > explanation.
    > If I have to store a user and a password in a secure way what is the
    > best practice???
    > I have only found the DONTs (hard code, put unencrypted in the .config
    > file, put in the registry) but not the DOs.
    > Obviously I think I should encrypt data, but which encryption should I
    > use?
    > Where should I put the user and password?
    > An idea could be to put all in the DB, but again how should I encrypt
    > DB connection credentials and where should I put them?
    >
    > Thanks in advance,
    > Luigi.
