SharePoint Tip – App.Config – More Secured Way to Have the config values

Sathish Nadarajan
 
Solution Architect
May 10, 2019
 
Rate this article
 
Views
1895

In most of the scenarios today we need to write some sort of Patch EXEs which nothing is but a console application.  In those console applications, obviously we need to have the app.config in which we will be writing the UserName and passwords.  When we do a Checkin of this code, the credentials got inserted in the git/tfs which is very dangerous.  And moreover, if we have more than one developer, all of them might be using their own usernames and passwords.  And if we have a version history on the git of the app.config, almost, I could get all the developers usernames and passwords.  The sample piece of code in app.config is as below.

 <appSettings>
     <add key="WebUrl" value="" />
     <add key="UserName" value="" />
     <add key="Password" value="" />
     <add key="Domain" value="" />
   </appSettings>
 

We will be consuming this from our C# code as below.

 var webUrl = ConfigurationManager.AppSettings["WebUrl"];
                 var userName = ConfigurationManager.AppSettings["UserName"];
                 var password = ConfigurationManager.AppSettings["Password"];
                 var domain = ConfigurationManager.AppSettings["Domain"];
 

 

To avoid this situation, we have an option.  On the appsettings tag, there is one more attribute called file as below.

 <appSettings file="c:myCredentialsApp.secrets.config">
     <add key="WebUrl" value="" />
     <add key="UserName" value="" />
     <add key="Password" value="" />
     <add key="Domain" value="" />
   </appSettings>
 

 

Now, we can create a file called “App.Secrets.Config” in the specified path and on that file, the tags are very simple and straight forward.

 <appSettings >
   <add key="WebUrl" value="https://google.com" />
   <add key="UserName" value="Sathish" />
   <add key="Password" value="Password" />
   <add key="Domain" value="sppals.com" />
 </appSettings>
 

 

Happy Coding,

Sathish Nadarajan.

 

 

Author Info

Sathish Nadarajan
 
Solution Architect
 
Rate this article
 
Sathish is a Microsoft MVP for SharePoint (Office Servers and Services) having 15+ years of experience in Microsoft Technologies. He holds a Masters Degree in Computer Aided Design and Business ...read more
 

Leave a comment