We are currently storing an encryption key in a protected registry key for our other azure apps and have been adding that key via a startup task. While I see that there is a csdef file in the lightswitch app as well, the startup task never seems to fire locally or on azure. I have even tried adding output to the cmd file so I can see if there is any sort of error, but the file is not even created. Lightswitch doesn't seem to have Win32.registry so adding the key via code seems to be out of the question.
Has anyone else been able to get a startup task to run in an azure hosted lightswitch app? As I understand it, the azure side of things shouldn't be that different between lightswitch and projects containing web.worker roles. They are still running on a vm, so a startup task should still be able to access the registry. If it is not possible does anyone have any other ideas on how to add the registry key? Putting the key in the code is definitely not ideal. FYI both the reg file and the cmd file are in the server folder and set to content and copy always.
startup.cmd:
regedit /s 456ddfrt.reg
exit /b 0
csdef:
<WebRole name="LightSwitchWebRole"
vmsize="Small"
enableNativeCodeExecution="true">
<Startup>
<Task commandLine="startup.cmd" executionContext="elevated" taskType="simple"/>
</Startup>
Solution
I ended up using Isolated Storage as suggested by Yann. A code example is below.
//Get key from storage, add if not exists
try
{
String strKey = (string)appSettings["encrKey"];
strKey = DecryptString(strKey);
}
catch (Exception Ex)
{
appSettings.Add("encrKey",[mykey]);
String strKey = (string)appSettings["encrKey"];
strKey = DecryptString(strKey);
}
It still involves putting the key in the code, but the key is encrypted using a different encryption method, and on azure the likelihood that they will get access to my code is pretty low. Thanks for all the suggestions!
