Encrypt user, password info

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Encrypt user, password info

rccnh
If the message needs to be written to a database, the config file is holding the user name, password, database, etc. -- all in plain text.
Is there a way to encrpyt it and have NLog decrypt it when read in?
Reply | Threaded
Open this post in threaded view
|

Re: Encrypt user, password info

Jarek Kowalski
Administrator
Encryption is not directly possible, but there are some other ways to remove your username&passwd from config file:

1. You can put the user and password somewhere in the protected place (registry or file) and access them in your config:

<target type="Database" dbUserName="${registry:key=HKLM\Somewhere:value=username}">
</target>

2. You can put the username & password as variables in a separate configuration file (credentials.xml) that will be included. You can make this file protected:

<nlog>
    <variable name="username" value="myuser" />
    <variable name="password" value="mypass" />
</nlog>

Put this in your main config file:

<nlog>
    <include file="credentials.xml" />

    <targets>
         <target type="Database" dbUserName="${username}" dbPassword="${password}" />
...
   </targets>
</nlog>

3. The third way would be to write a layout renderer that will decrypt your credentials:

    <targets>
         <target type="Database" dbUserName="${decrypt:ciphertext=A123zxz-adas.123e/==}" />
...
   </targets>

Follow the instructions at:

http://www.nlog-project.org/howto_write_layout_renderer.html

If you write a decryption Layout Renderer and choose to contribute it to the public I'll be happy to include it in NLog source.
NLog Blog