-2

I have a username and password key within my web.config file. I need to access those keys within the web.config in a provider. Is this possible if so what is the best way to accomplish this?

This is an example of how I want it to work:

<add key="ActiveDirectoryUser" value="user"/>
<add key="ActiveDirectoryPass" value="pass"/>

 <membership defaultProvider="ADMembershipProvider">
    <providers>
      <clear />
      <add name="ADMembershipProvider"
           type="System.Web.Security.ActiveDirectoryMembershipProvider" 
           connectionStringName="ADConnectionString"
           connectionUsername="userfromabove"
           connectionPassword="passfromabove"
           attributeMapUsername="sAMAccountName" />
    </providers>
  </membership>

Access from within the web.config not in code.

mason
  • 31,774
  • 10
  • 77
  • 121
Dwill
  • 506
  • 1
  • 5
  • 22
  • You want to get those keys in your code? Use ConfigurationManager.AppSettings["key_name"] – Ali Baig Jan 20 '17 at 21:24
  • ConfigurationManager.AppSettings["Username"] – Muhammad Saqlain Jan 20 '17 at 21:24
  • That will depend a lot on the provider. The provider I use has a file explorer which I sometimes use for simple things like this. Also, certain publish functions use a transform method to accomplish this. – nurdyguy Jan 20 '17 at 21:24
  • Unless something in web.config has been set up ahead of time to be able to refer to configuration data from other parts, then what you're trying to accomplish generally won't work. You'll just have to have the username and password in there twice. Note that if you're using a build/release system with tokenized web.config files or similar, you only need to store the data once, and you can keep your sensitive information out of the actual config files until it comes time to deploy. – mason Jan 20 '17 at 21:33
  • XY problem. You need a deployment system that can replace variables in configuration files. – CodeCaster Jan 20 '17 at 21:33
  • [This is the XY Problem](http://meta.stackexchange.com/questions/66377/what-is-the-xy-problem) that CodeCaster is referring to. – mason Jan 20 '17 at 21:39

1 Answers1

2

The code consuming the configuration file needs to be set up ahead of time in order to be able to accomplish what you are seeking. And that particular code hasn't, so it will not work exactly that way you want it to.

Note that in more mature systems, the way around this is to have some other system handle inserting configuration data that may change or is sensitive. For example, we use Team Foundation Server. During a build we apply config transformations to create a tokenized web.config that looks like the following:

<add key="ActiveDirectoryUser" value="__ActiveDirectoryUser__"/>
<add key="ActiveDirectoryPass" value="__ActiveDirectoryPass__"/>

 <membership defaultProvider="ADMembershipProvider">
    <providers>
      <clear />
      <add name="ADMembershipProvider"
           type="System.Web.Security.ActiveDirectoryMembershipProvider" 
           connectionStringName="ADConnectionString"
           connectionUsername="__ActiveDirectoryUser__"
           connectionPassword="__ActiveDirectoryPassword__"
           attributeMapUsername="sAMAccountName" />
    </providers>
  </membership>

Then later in our Release process, an automated task will replace each __Variable__ with a corresponding value defined in our release management system.

mason
  • 31,774
  • 10
  • 77
  • 121
  • 1
    @CodeCaster It was a revenge downvote - I got about a dozen of them just now. Probably from the gentleman who deleted his answer. It's okay, it will be reversed I'm sure. – mason Jan 20 '17 at 21:59